VYPR

Job Board

by WordPress

Source repositories

CVEs (4)

  • CVE-2024-8615CriNov 6, 2024
    risk 0.65cvss 10.0epss 0.01

    The JobSearch WP Job Board plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the jobsearch_location_load_excel_file_callback() function in all versions up to, and including, 2.6.7. This makes it possible for unauthenticated…

  • CVE-2024-12213CriFeb 12, 2025
    risk 0.64cvss 9.8epss 0.01

    The WP Job Board Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to 2.3.16. This is due to the plugin allowing a user to supply the 'role' field when registering. This makes it possible for unauthenticated attackers to register as an…

  • CVE-2024-8614CriNov 6, 2024
    risk 0.64cvss 9.9epss 0.01

    The JobSearch WP Job Board plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the jobsearch_wp_handle_upload() function in all versions up to, and including, 2.6.7. This makes it possible for authenticated attackers, with…

  • CVE-2025-13383MedNov 25, 2025
    risk 0.33cvss 6.1epss 0.00

    The Job Board by BestWebSoft plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.2.1. This is due to the plugin storing the entire unsanitized `$_GET` superglobal array directly into the database via `update_user_meta()` when…