VYPR

Wp Jobsearch

by WordPress

CVEs (17)

  • CVE-2025-62025CriOct 22, 2025
    risk 0.64cvss 9.8epss 0.01

    Deserialization of Untrusted Data vulnerability in eyecix JobSearch wp-jobsearch.This issue affects JobSearch: from n/a through < 3.0.8.

  • CVE-2024-47636CriOct 10, 2024
    risk 0.64cvss 9.8epss 0.01

    Deserialization of Untrusted Data vulnerability in eyecix JobSearch wp-jobsearch allows Object Injection.This issue affects JobSearch: from n/a through <= 2.5.9.

  • CVE-2024-43245CriAug 19, 2024
    risk 0.64cvss 9.8epss 0.00

    Improper Privilege Management vulnerability in eyecix JobSearch allows Privilege Escalation.This issue affects JobSearch: from n/a through 2.3.4.

  • CVE-2025-52806HigAug 14, 2025
    risk 0.49cvss 7.5epss 0.00

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in eyecix JobSearch wp-jobsearch allows PHP Local File Inclusion.This issue affects JobSearch: from n/a through < 3.0.8.

  • CVE-2025-52798HigJul 4, 2025
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eyecix JobSearch wp-jobsearch allows Reflected XSS.This issue affects JobSearch: from n/a through < 3.0.6.

  • CVE-2024-47394HigOct 5, 2024
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eyecix JobSearch wp-jobsearch allows Reflected XSS.This issue affects JobSearch: from n/a through <= 2.5.9.

  • CVE-2025-49978MedJun 20, 2025
    risk 0.28cvss 4.3epss 0.00

    Authorization Bypass Through User-Controlled Key vulnerability in eyecix JobSearch wp-jobsearch allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JobSearch: from n/a through < 3.0.6.

  • CVE-2024-43930MedOct 31, 2024
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in eyecix JobSearch allows Cross Site Request Forgery.This issue affects JobSearch: from n/a through 2.5.3.

  • CVE-2026-54186Jun 17, 2026
    risk 0.00cvss epss 0.00

    Unauthenticated SQL Injection in JobSearch <= 3.2.9 versions.

  • CVE-2026-49057Jun 16, 2026
    risk 0.00cvss epss 0.00

    Unauthenticated Broken Access Control in JobSearch <= 3.2.7 versions.

  • CVE-2024-43928Nov 1, 2024
    risk 0.00cvss epss 0.00

    Missing Authorization vulnerability in eyecix JobSearch allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JobSearch: from n/a through 2.5.4.

  • CVE-2024-43929Nov 1, 2024
    risk 0.00cvss epss 0.00

    Missing Authorization vulnerability in eyecix JobSearch allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JobSearch: from n/a through 2.5.4.

  • CVE-2024-43931Aug 29, 2024
    risk 0.00cvss epss 0.01

    Deserialization of Untrusted Data vulnerability in eyecix JobSearch allows Object Injection.This issue affects JobSearch: from n/a through 2.5.3.

  • CVE-2023-6584Feb 27, 2024
    risk 0.00cvss epss 0.01

    The WP JobSearch WordPress plugin before 2.3.4 does not prevent attackers from logging-in as any users with the only knowledge of that user's email address.

  • CVE-2023-6585Feb 27, 2024
    risk 0.00cvss epss 0.01

    The WP JobSearch WordPress plugin before 2.3.4 does not validate files to be uploaded, which could allow unauthenticated attackers to upload arbitrary files such as PHP on the server

  • CVE-2022-1168Apr 4, 2022
    risk 0.00cvss epss 0.02

    There is a Cross-Site Scripting vulnerability in the JobSearch WP JobSearch WordPress plugin before 1.5.1.

  • CVE-2021-24421Jul 12, 2021
    risk 0.00cvss epss 0.01

    The WP JobSearch WordPress plugin before 1.7.4 did not sanitise or escape multiple of its parameters from the my-resume page before outputting them in the page, allowing low privilege users to use JavaScript payloads in them and leading to a Stored Cross-Site Scripting issue