Blueglass

Jobs For Wordpress

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2026-23806

  • EPSS 0.04%
  • Veröffentlicht 25.03.2026 16:14:29
  • Zuletzt bearbeitet 30.03.2026 13:27:35

Missing Authorization vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Jobs for WordPress: from n/a through <= 2.8.

5.4

CVE-2025-68597

  • EPSS 0.04%
  • Veröffentlicht 24.12.2025 13:10:45
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Stored XSS.This issue affects Jobs for WordPress: from n/a through <= 2.8.1.

6.5

CVE-2025-50050

  • EPSS 0.05%
  • Veröffentlicht 20.06.2025 15:15:31
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Stored XSS.This issue affects Jobs for WordPress: from n/a through <= 2.7.14.

6.5

CVE-2025-1310

  • EPSS 1.01%
  • Veröffentlicht 26.03.2025 09:21:40
  • Zuletzt bearbeitet 15.04.2026 00:35:42

The Jobs for WordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.7.11 via the 'job_postings_get_file' parameter. This makes it possible for authenticated attackers, with Subscriber-level access ...

5.9

CVE-2024-10105

Exploit
  • EPSS 0.07%
  • Veröffentlicht 25.03.2025 06:00:03
  • Zuletzt bearbeitet 02.04.2025 17:33:33

The Job Postings WordPress plugin before 2.7.11 does not sanitise and escape some of its settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is d...

5.9

CVE-2024-10104

Exploit
  • EPSS 0.24%
  • Veröffentlicht 15.11.2024 07:15:17
  • Zuletzt bearbeitet 11.04.2025 15:04:27

The Jobs for WordPress plugin before 2.7.8 does not sanitise and escape some of its Job settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks

6.1

CVE-2024-2833

  • EPSS 1.27%
  • Veröffentlicht 18.04.2024 10:15:08
  • Zuletzt bearbeitet 08.04.2026 19:21:12

The Jobs for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘job-search’ parameter in all versions up to, and including, 2.7.5 due to insufficient input sanitization and output escaping. This makes it possible ...

6.1

CVE-2024-32149

  • EPSS 0.23%
  • Veröffentlicht 15.04.2024 07:15:10
  • Zuletzt bearbeitet 13.02.2025 18:47:49

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BlueGlass Jobs for WordPress allows Reflected XSS.This issue affects Jobs for WordPress: from n/a through 2.7.5.

5.4

CVE-2024-0820

Exploit
  • EPSS 0.16%
  • Veröffentlicht 18.03.2024 19:15:06
  • Zuletzt bearbeitet 28.03.2025 20:15:20

The Jobs for WordPress plugin before 2.7.4 does not sanitise and escape some parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks

4.8

CVE-2023-26017

  • EPSS 0.08%
  • Veröffentlicht 03.05.2023 16:15:10
  • Zuletzt bearbeitet 21.11.2024 07:50:36

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in BlueGlass Jobs for WordPress plugin <= 2.5.10.2 versions.