14 matches found
EUVD-2021-25697
Malware in sbrugna...
EUVD-2015-2414
Malware in sbrugna...
CVE-2023-5906
The Job Manager & Career WordPress plugin before 1.4.4 contains a vulnerability in the Directory Listings system, which allows an unauthorized user to view and download private files of other users. This vulnerability poses a serious security threat because it allows an attacker to gain access to...
WordPress Plugin Custom Field For WP Job Manager 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
CVE-2021-39336
The Job Manager WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /admin-jobs.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to a...
CVE-2021-39336 Job Manager <= 0.7.25 Authenticated Stored Cross-Site Scripting
The Job Manager WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /admin-jobs.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to a...
WordPress Job Manager plugin <= 0.7.25 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Job Manager plugin versions = 0.7.25. Solution Deactivate and delete. This plugin has been closed as of October 13, 2021 and is not available for download. This closure is temporary,...
WordPress job-manager plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. job-manager is a recruitment/job search plugin used in it. A cross-site scripting vulnerability exists in the WordPress job-manager...
CVE-2015-6668
The Job Manager plugin before 0.7.25 allows remote attackers to read arbitrary CV files via a brute force attack to the WordPress upload directory structure, related to an insecure direct object reference...
CVE-2015-6668
The WordPress Job Manager plugin vulnerable versions before 0.7.25 allow remote attackers to read arbitrary CV files via an insecure direct object reference by brute-forcing the WordPress upload directory. Impact: CV file disclosure; attack vector: network, no authentication required. Remediation...
WordPress Job Manager Plugin <= 0.7.24 - Cross Site Scripting (XSS)
This plugin is prone to a cross site scripting vulnerability, because authenticated administrators can inject HTML or JS code. Vulnerable parameter is "jobman-rating". Solution Update the plugin...
CVE-2015-2321
Cross-site scripting XSS vulnerability in the Job Manager plugin 0.7.22 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the email field...
CVE-2015-2321
The CVE-2015-2321 entry applies to the WordPress Job Manager plugin (Job Manager Plugin for WordPress) version
WordPress Job Manager Plugin 0.7.22 - Persistent XSS
Job Manager plugin is prone to a persistent XSS vulnerability, because email field was not sanitized. It allows an attacler to steal cookies or perform phishing attacks. Other attacks are also possible. Solution Update the plugin...