2 matches found
CVE-2017-14751
The CVE-2017-14751 entry relates to the WordPress WP Jobs plugin version 1.5, where the Job Qualification field is vulnerable to cross‑site scripting (XSS). Public sources describe this as a XSS vulnerability in the WP Jobs plugin, with at least one entry indicating a remote attacker can exploit ...
CVE-2017-9603
Summary: CVE-2017-9603 is a SQL injection vulnerability in the WP Jobs WordPress plugin (versions before 1.5). The issue allows authenticated users to execute arbitrary SQL commands via the jobid parameter in wp-admin/edit.php. The PoC demonstrates crafting a UNION-based payload (e.g., jobid=5 UN...