Wpmanageninja

wpmanageninja

23 CVEs • 7 products

Products (7)

Click to collapse

Toggle

Ninja Job Board

ninja_job_board

Pdf Generator For Fluent Forms

pdf_generator_for_fluent_forms

CVEs (23)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-2544 1Wpmanageninja 1Ninja Job Board Nov 21, 2024 Aug 22, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 The Ninja Job Board WordPress plugin before 1.3.3 does not protect the directory where it stores uploaded resumes, making it vulnerable to unauthenticated Directory Listing which allows the download of uploaded resumes.
CVE-2021-24900 1Wpmanageninja 1Ninja Tables Nov 21, 2024 Feb 1, 2022 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 The Ninja Tables WordPress plugin before 4.1.8 does not sanitise and escape some of its table fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capabilit...Show more The Ninja Tables WordPress plugin before 4.1.8 does not sanitise and escape some of its table fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowedShow less
CVE-2021-24528 1Wpmanageninja 1Fluentsmtp Nov 21, 2024 Aug 30, 2021 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 The FluentSMTP WordPress plugin before 2.0.1 does not sanitize parameters before storing the settings in the database, nor does the plugin escape the values before outputting them when viewing the SMTP settings set by th...Show more The FluentSMTP WordPress plugin before 2.0.1 does not sanitize parameters before storing the settings in the database, nor does the plugin escape the values before outputting them when viewing the SMTP settings set by this plugin, leading to a stored cross site scripting (XSS) vulnerability. Only users with roles capable of managing plugins can modify the plugin's settings.Show less