Blueglass

Jobs For Wordpress

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2026-23806

  • EPSS 0.35%
  • Veröffentlicht 25.03.2026 16:14:29
  • Zuletzt bearbeitet 24.04.2026 16:32:53

Missing Authorization vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Jobs for WordPress: from n/a through <= 2.8.

6.5

CVE-2025-68597

  • EPSS 0.13%
  • Veröffentlicht 24.12.2025 13:10:45
  • Zuletzt bearbeitet 27.04.2026 19:16:35

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Stored XSS.This issue affects Jobs for WordPress: from n/a through <= 2.8.1.

6.5

CVE-2025-50050

  • EPSS 0.19%
  • Veröffentlicht 20.06.2025 15:15:31
  • Zuletzt bearbeitet 23.04.2026 15:32:03

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Stored XSS.This issue affects Jobs for WordPress: from n/a through <= 2.7.14.

6.5

CVE-2025-1310

  • EPSS 0.67%
  • Veröffentlicht 26.03.2025 09:21:40
  • Zuletzt bearbeitet 15.04.2026 00:35:42

The Jobs for WordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.7.11 via the 'job_postings_get_file' parameter. This makes it possible for authenticated attackers, with Subscriber-level access ...

5.9

CVE-2024-10105

Exploit
  • EPSS 0.28%
  • Veröffentlicht 25.03.2025 06:00:03
  • Zuletzt bearbeitet 02.04.2025 17:33:33

The Job Postings WordPress plugin before 2.7.11 does not sanitise and escape some of its settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is d...

5.9

CVE-2024-10104

Exploit
  • EPSS 0.34%
  • Veröffentlicht 15.11.2024 07:15:17
  • Zuletzt bearbeitet 11.04.2025 15:04:27

The Jobs for WordPress plugin before 2.7.8 does not sanitise and escape some of its Job settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks

6.1

CVE-2024-2833

  • EPSS 0.39%
  • Veröffentlicht 18.04.2024 10:15:08
  • Zuletzt bearbeitet 08.04.2026 19:21:12

The Jobs for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘job-search’ parameter in all versions up to, and including, 2.7.5 due to insufficient input sanitization and output escaping. This makes it possible ...

6.1

CVE-2024-32149

  • EPSS 0.4%
  • Veröffentlicht 15.04.2024 07:15:10
  • Zuletzt bearbeitet 28.04.2026 19:24:37

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BlueGlass Jobs for WordPress allows Reflected XSS.This issue affects Jobs for WordPress: from n/a through 2.7.5.

5.4

CVE-2024-0820

Exploit
  • EPSS 0.46%
  • Veröffentlicht 18.03.2024 19:15:06
  • Zuletzt bearbeitet 28.03.2025 20:15:20

The Jobs for WordPress plugin before 2.7.4 does not sanitise and escape some parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks

4.8

CVE-2023-26017

  • EPSS 0.37%
  • Veröffentlicht 03.05.2023 16:15:10
  • Zuletzt bearbeitet 21.11.2024 07:50:36

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in BlueGlass Jobs for WordPress plugin <= 2.5.10.2 versions.