VYPR

Job Manager

by Wp Jobmanager

CVEs (5)

  • CVE-2015-6668HigOct 19, 2017
    risk 0.50cvss 7.5epss 0.10

    The Job Manager plugin before 0.7.25 allows remote attackers to read arbitrary CV files via a brute force attack to the WordPress upload directory structure, related to an insecure direct object reference.

  • CVE-2025-24550MedApr 17, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JobScore Job Manager job-manager-by-jobscore allows Stored XSS.This issue affects Job Manager: from n/a through <= 2.2.

  • CVE-2021-47920MedFeb 1, 2026
    risk 0.35cvss 5.4epss 0.00

    WebMO Job Manager 20.0 contains a cross-site scripting vulnerability in search parameters that allows remote attackers to inject malicious script code. Attackers can exploit the filterSearch and filterSearchType parameters to perform non-persistent attacks including session…

  • CVE-2015-2321Aug 13, 2015
    risk 0.03cvss epss 0.05

    Cross-site scripting (XSS) vulnerability in the Job Manager plugin 0.7.22 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the email field.

  • CVE-2023-6978Dec 4, 2024
    risk 0.00cvss epss 0.00

    The WP Job Manager – Company Profiles plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'company' parameter in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping. This makes it possible for…