Blueglass

Jobs For Wordpress

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-68597

  • EPSS 0.04%
  • Veröffentlicht 24.12.2025 13:10:45
  • Zuletzt bearbeitet 20.01.2026 15:19:50

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Stored XSS.This issue affects Jobs for WordPress: from n/a through <= 2.7.17.

6.5

CVE-2025-50050

  • EPSS 0.03%
  • Veröffentlicht 20.06.2025 15:15:31
  • Zuletzt bearbeitet 23.06.2025 20:16:40

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BlueGlass Interactive AG Jobs for WordPress allows Stored XSS. This issue affects Jobs for WordPress: from n/a through 2.7.12.

6.5

CVE-2025-1310

  • EPSS 1.01%
  • Veröffentlicht 26.03.2025 09:21:40
  • Zuletzt bearbeitet 27.03.2025 16:45:46

The Jobs for WordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.7.11 via the 'job_postings_get_file' parameter. This makes it possible for authenticated attackers, with Subscriber-level access ...

5.9

CVE-2024-10105

Exploit
  • EPSS 0.07%
  • Veröffentlicht 25.03.2025 06:00:03
  • Zuletzt bearbeitet 02.04.2025 17:33:33

The Job Postings WordPress plugin before 2.7.11 does not sanitise and escape some of its settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is d...

5.9

CVE-2024-10104

Exploit
  • EPSS 0.09%
  • Veröffentlicht 15.11.2024 07:15:17
  • Zuletzt bearbeitet 11.04.2025 15:04:27

The Jobs for WordPress plugin before 2.7.8 does not sanitise and escape some of its Job settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks

6.1

CVE-2024-2833

  • EPSS 1.27%
  • Veröffentlicht 18.04.2024 10:15:08
  • Zuletzt bearbeitet 13.02.2025 18:53:23

The Jobs for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘job-search’ parameter in all versions up to, and including, 2.7.5 due to insufficient input sanitization and output escaping. This makes it possible ...

6.1

CVE-2024-32149

  • EPSS 0.23%
  • Veröffentlicht 15.04.2024 07:15:10
  • Zuletzt bearbeitet 13.02.2025 18:47:49

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BlueGlass Jobs for WordPress allows Reflected XSS.This issue affects Jobs for WordPress: from n/a through 2.7.5.

5.4

CVE-2024-0820

Exploit
  • EPSS 0.23%
  • Veröffentlicht 18.03.2024 19:15:06
  • Zuletzt bearbeitet 28.03.2025 20:15:20

The Jobs for WordPress plugin before 2.7.4 does not sanitise and escape some parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks

4.8

CVE-2023-26017

  • EPSS 0.08%
  • Veröffentlicht 03.05.2023 16:15:10
  • Zuletzt bearbeitet 21.11.2024 07:50:36

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in BlueGlass Jobs for WordPress plugin <= 2.5.10.2 versions.

5.4

CVE-2022-44743

  • EPSS 0.1%
  • Veröffentlicht 23.04.2023 10:15:07
  • Zuletzt bearbeitet 21.11.2024 07:28:24

Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in BlueGlass Jobs for WordPress plugin <= 2.5.11.2 versions.