VYPR

Wp Job Portal

by Wpjobportal

Source repositories

CVEs (32)

  • CVE-2024-13371Feb 1, 2025
    risk 0.00cvss epss 0.01

    The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to unauthorized arbitrary emails sending due to a missing capability check on the sendEmailToJobSeeker() function in all versions up to, and including, 2.2.6.…

  • CVE-2024-13425Feb 1, 2025
    risk 0.00cvss epss 0.00

    The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the enforcedelete() function due to missing validation on a user controlled…

  • CVE-2024-13429Feb 1, 2025
    risk 0.00cvss epss 0.00

    The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the 'jobenforcedelete' due to missing validation on a user controlled key.…

  • CVE-2024-11712Dec 14, 2024
    risk 0.00cvss epss 0.00

    The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getResumeFileDownloadById() function in all versions up to, and including, 2.2.2. This…

  • CVE-2024-11711Dec 14, 2024
    risk 0.00cvss epss 0.01

    The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to SQL Injection via the 'resumeid' parameter in all versions up to, and including, 2.2.1 due to insufficient escaping on the user supplied parameter and lack…

  • CVE-2024-11714Dec 14, 2024
    risk 0.00cvss epss 0.00

    The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to SQL Injection via the 'ff' parameter of the getFieldsForVisibleCombobox() function in all versions up to, and including, 2.2.2 due to insufficient escaping…

  • CVE-2024-11713Dec 14, 2024
    risk 0.00cvss epss 0.00

    The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to SQL Injection via the 'page_id' parameter of the wpjobportal_deactivate() function in all versions up to, and including, 2.2.2 due to insufficient escaping…

  • CVE-2024-11715Dec 14, 2024
    risk 0.00cvss epss 0.00

    The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the assignUserRole() function in all versions up to, and including, 2.2.2. This makes it possible…

  • CVE-2024-8463Sep 5, 2024
    risk 0.00cvss epss 0.01

    File upload restriction bypass vulnerability in PHPGurukul Job Portal 1.0, the exploitation of which could allow an authenticated user to execute an RCE via webshell.

  • CVE-2024-8167Aug 26, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in code-projects Job Portal 1.0. It has been classified as critical. Affected is an unknown function of the file /forget.php. The manipulation of the argument email/mobile leads to sql injection. It is possible to launch the attack remotely. The exploit…

  • CVE-2024-7682Aug 12, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in code-projects Job Portal 1.0. It has been rated as critical. This issue affects some unknown processing of the file rw_i_nat.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been…

  • CVE-2021-39337Oct 15, 2021
    risk 0.00cvss epss 0.01

    The job-portal WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/admin/jobs_function.php file which allowed attackers with administrative user access to inject arbitrary web…

Page 2 of 2