Wpjobportal

wpjobportal

28 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (28)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-7950 1Wpjobportal 1Wp Job Portal Oct 4, 2024 Sep 4, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Local File Inclusion, Arbitrary Settings Update, and User Creation in all versions up to, and inclu...Show more The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Local File Inclusion, Arbitrary Settings Update, and User Creation in all versions up to, and including, 2.1.6 via several functions called by the 'checkFormRequest' function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. Attackers can also update arbitrary settings and create user accounts even when registration is disabled, leading to user creation with a default role of Administrator.Show less
CVE-2024-43266 1Wpjobportal 1Wp Job Portal Apr 23, 2026 Aug 18, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Authorization Bypass Through User-Controlled Key vulnerability in wpjobportal WP Job Portal wp-job-portal.This issue affects WP Job Portal: from n/a through <= 2.1.8.
CVE-2024-35760 1Wpjobportal 1Wp Job Portal Apr 23, 2026 Jun 21, 2024 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpjobportal WP Job Portal wp-job-portal allows DOM-Based XSS.This issue affects WP Job Portal: from n/a through <= 2.1...Show more Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpjobportal WP Job Portal wp-job-portal allows DOM-Based XSS.This issue affects WP Job Portal: from n/a through <= 2.1.3.Show less
CVE-2024-35759 1Wpjobportal 1Wp Job Portal Apr 23, 2026 Jun 21, 2024 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpjobportal WP Job Portal wp-job-portal.This issue affects WP Job Portal: from n/a through <= 2.1.3.
CVE-2022-41786 1Wpjobportal 1Wp Job Portal Apr 28, 2026 Jan 17, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Missing Authorization vulnerability in WP Job Portal WP Job Portal – A Complete Job Board.This issue affects WP Job Portal – A Complete Job Board: from n/a through 2.0.1.
CVE-2023-52184 1Wpjobportal 1Wp Job Portal Apr 28, 2026 Jan 5, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in WP Job Portal WP Job Portal – A Complete Job Board.This issue affects WP Job Portal – A Complete Job Board: from n/a through 2.0.6.
CVE-2023-4490 1Wpjobportal 1Wp Job Portal Apr 23, 2025 Sep 25, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The WP Job Portal WordPress plugin before 2.0.6 does not sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users
CVE-2023-28534 1Wpjobportal 1Wp Job Portal Apr 28, 2026 Jun 22, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in WP Job Portal WP Job Portal – A Complete Job Board plugin <= 2.0.0 versions.