Wpjobportal

Wp Job Portal

33 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2026-4758

  • EPSS 0.28%
  • Veröffentlicht 25.03.2026 23:26:02
  • Zuletzt bearbeitet 30.03.2026 13:26:50

The WP Job Portal plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'WPJOBPORTALcustomfields::removeFileCustom' function in all versions up to, and including, 2.4.9. This makes it possible f...

7.5

CVE-2026-4306

  • EPSS 0.09%
  • Veröffentlicht 23.03.2026 22:25:40
  • Zuletzt bearbeitet 24.03.2026 15:53:48

The WP Job Portal plugin for WordPress is vulnerable to SQL Injection via the 'radius' parameter in all versions up to, and including, 2.4.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existin...

7.5

CVE-2026-24941

  • EPSS 0.05%
  • Veröffentlicht 20.02.2026 15:47:07
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Missing Authorization vulnerability in wpjobportal WP Job Portal wp-job-portal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Portal: from n/a through <= 2.4.4.

9.1

CVE-2026-24379

  • EPSS 0.05%
  • Veröffentlicht 22.01.2026 16:52:46
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Authorization Bypass Through User-Controlled Key vulnerability in wpjobportal WP Job Portal wp-job-portal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Portal: from n/a through <= 2.4.3.

4.4

CVE-2025-14467

  • EPSS 0.05%
  • Veröffentlicht 12.12.2025 03:20:39
  • Zuletzt bearbeitet 15.04.2026 00:35:42

The WP Job Portal plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.4.4. This is due to the plugin explicitly whitelisting the `<script>` tag in its `WPJOBPORTAL_ALLOWED_TAGS` configuration and ...

7.5

CVE-2025-48274

  • EPSS 0.06%
  • Veröffentlicht 17.06.2025 15:01:31
  • Zuletzt bearbeitet 01.04.2026 17:24:36

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpjobportal WP Job Portal wp-job-portal allows Blind SQL Injection.This issue affects WP Job Portal: from n/a through <= 2.3.2.

9.8

CVE-2025-47438

  • EPSS 0.73%
  • Veröffentlicht 23.05.2025 12:43:37
  • Zuletzt bearbeitet 01.04.2026 17:23:47

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpjobportal WP Job Portal wp-job-portal allows PHP Local File Inclusion.This issue affects WP Job Portal: from n/a through <= 2.3...

7.5

CVE-2025-48273

  • EPSS 0.24%
  • Veröffentlicht 23.05.2025 12:43:16
  • Zuletzt bearbeitet 01.04.2026 17:24:36

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in wpjobportal WP Job Portal wp-job-portal allows Path Traversal.This issue affects WP Job Portal: from n/a through <= 2.3.2.

5.3

CVE-2025-48272

  • EPSS 0.13%
  • Veröffentlicht 19.05.2025 14:45:25
  • Zuletzt bearbeitet 01.04.2026 17:24:36

Missing Authorization vulnerability in wpjobportal WP Job Portal wp-job-portal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Portal: from n/a through <= 2.3.2.

8.8

CVE-2025-26935

  • EPSS 0.27%
  • Veröffentlicht 25.02.2025 15:15:27
  • Zuletzt bearbeitet 01.04.2026 17:19:11

Path Traversal: '.../...//' vulnerability in wpjobportal WP Job Portal wp-job-portal allows PHP Local File Inclusion.This issue affects WP Job Portal: from n/a through <= 2.2.8.