Wpjobportal

Wp Job Portal

28 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2025-48274

  • EPSS 0.04%
  • Published 17.06.2025 15:01:31
  • Last modified 08.07.2025 13:12:31

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpjobportal WP Job Portal allows Blind SQL Injection. This issue affects WP Job Portal: from n/a through 2.3.2.

8.1

CVE-2025-47438

  • EPSS 0.22%
  • Published 23.05.2025 12:43:37
  • Last modified 23.05.2025 15:54:42

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpjobportal WP Job Portal allows PHP Local File Inclusion. This issue affects WP Job Portal: from n/a through 2.3.1.

7.5

CVE-2025-48273

  • EPSS 0.07%
  • Published 23.05.2025 12:43:16
  • Last modified 23.05.2025 15:54:42

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in wpjobportal WP Job Portal allows Path Traversal. This issue affects WP Job Portal: from n/a through 2.3.2.

5.3

CVE-2025-48272

  • EPSS 0.05%
  • Published 19.05.2025 14:45:25
  • Last modified 17.06.2025 14:10:18

Missing Authorization vulnerability in wpjobportal WP Job Portal allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Job Portal: from n/a through 2.3.2.

8.8

CVE-2025-26935

  • EPSS 0.07%
  • Published 25.02.2025 15:15:27
  • Last modified 25.03.2025 16:40:10

Path Traversal vulnerability in wpjobportal WP Job Portal allows PHP Local File Inclusion. This issue affects WP Job Portal: from n/a through 2.2.8.

4.3

CVE-2024-13873

  • EPSS 0.02%
  • Published 22.02.2025 04:15:09
  • Last modified 11.03.2025 13:32:22

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.8 via the deleteUserPhoto() function due to missing va...

4.3

CVE-2024-13429

  • EPSS 0.06%
  • Published 01.02.2025 08:15:10
  • Last modified 05.02.2025 16:05:10

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the 'jobenforcedelete' due to missing validation...

5.3

CVE-2024-13428

  • EPSS 0.08%
  • Published 01.02.2025 08:15:09
  • Last modified 05.02.2025 16:05:55

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the deleteCompanyLogo() due to missing validatio...

4.3

CVE-2024-13425

  • EPSS 0.06%
  • Published 01.02.2025 08:15:09
  • Last modified 05.02.2025 16:08:25

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the enforcedelete() function due to missing vali...

5.3

CVE-2024-13372

  • EPSS 0.08%
  • Published 01.02.2025 08:15:09
  • Last modified 05.02.2025 16:11:08

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the getresumefiledownloadbyid() and getallresume...