VYPR

Job Manager

by WordPress

CVEs (6)

  • CVE-2015-6668HigOct 19, 2017
    risk 0.50cvss 7.5epss 0.10

    The Job Manager plugin before 0.7.25 allows remote attackers to read arbitrary CV files via a brute force attack to the WordPress upload directory structure, related to an insecure direct object reference.

  • CVE-2023-31087MedNov 9, 2023
    risk 0.35cvss 5.4epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in JoomSky JS Job Manager plugin <= 2.0.0 versions.

  • CVE-2015-2321Aug 13, 2015
    risk 0.03cvss epss 0.05

    Cross-site scripting (XSS) vulnerability in the Job Manager plugin 0.7.22 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the email field.

  • CVE-2023-6978Dec 4, 2024
    risk 0.00cvss epss 0.00

    The WP Job Manager – Company Profiles plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'company' parameter in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping. This makes it possible for…

  • CVE-2021-39336Oct 15, 2021
    risk 0.00cvss epss 0.01

    The Job Manager WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/admin-jobs.php file which allowed attackers with administrative user access to inject arbitrary web scripts,…

  • CVE-2012-6713Aug 13, 2019
    risk 0.00cvss epss 0.01

    The job-manager plugin before 0.7.19 for WordPress has multiple XSS issues.