WordPress Nokri Theme <= 1.6.4 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Nokri versions = 1.6.4...

CVE-2025-1313 Nokri - Job Board WordPress Theme <= 1.6.3 - Authenticated (Subscriber+) Privilege Escalation via Account Takeover

The Nokri - Job Board WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.6.3. This is due to the plugin not properly validating a user's identity prior to updating their details like email address. This makes it...

CVE-2025-1313 Nokri - Job Board WordPress Theme <= 1.6.3 - Authenticated (Subscriber+) Privilege Escalation via Account Takeover

The Nokri - Job Board WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.6.3. This is due to the plugin not properly validating a user's identity prior to updating their details like email address. This makes it...

PT-2025-29296 · WordPress · The Nokri – Job Board Wordpress Theme

Name of the Vulnerable Software and Affected Versions: Nokri - Job Board WordPress Theme versions prior to 1.6.4 Description: The Nokri - Job Board WordPress Theme is susceptible to privilege escalation, potentially leading to account takeover. The issue stems from insufficient validation of a...

Nokri - Job Board Theme for WordPress < 1.6.3 Arbitrary Password Change

The WordPress DWT - Directory & Listing Theme installed on the remote host is affected by an unauthenticated Arbitrary Password Change. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...