|
961
|
4.4 |
MEDIUM
Network
|
-
|
-
|
The bodi0`s Easy cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'cache-folder' parameter in all versions up to, and including, 0.8 due to insufficient input sanitizat…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12628
|
2024-12-14 16:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
962
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Post to Pdf plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gmptp_single_post' shortcode in all versions up to, and including, 1.0 due to insufficient input sa…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12446
|
2024-12-14 16:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
963
|
4.8 |
MEDIUM
Network
|
-
|
-
|
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the assignUserRole() …
|
CWE-862
Missing Authorization
|
CVE-2024-11715
|
2024-12-14 16:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
964
|
4.9 |
MEDIUM
Network
|
-
|
-
|
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to SQL Injection via the 'ff' parameter of the getFieldsForVisibleCombobox() func…
|
CWE-89
SQL Injection
|
CVE-2024-11714
|
2024-12-14 16:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
965
|
4.9 |
MEDIUM
Network
|
-
|
-
|
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to SQL Injection via the 'page_id' parameter of the wpjobportal_deactivate() func…
|
CWE-89
SQL Injection
|
CVE-2024-11713
|
2024-12-14 16:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
966
|
5.3 |
MEDIUM
Network
-
|
-
|
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getResume…
|
CWE-359
Exposure of Private Personal Information to an Unauthorized Actor
|
CVE-2024-11712
|
2024-12-14 16:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
967
|
7.5 |
HIGH
Network
-
|
-
|
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to SQL Injection via the 'resumeid' parameter in all versions up to, and includin…
|
CWE-89
SQL Injection
|
CVE-2024-11711
|
2024-12-14 16:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
968
|
4.9 |
MEDIUM
Network
|
-
|
-
|
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to SQL Injection via the 'fieldfor', 'visibleParent' and 'id' parameters in all v…
|
CWE-89
SQL Injection
|
CVE-2024-11710
|
2024-12-14 16:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
969
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Simple Locator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 2.0.3 due to insufficient input sanitization and…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12501
|
2024-12-14 15:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
970
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The GeoDataSource Country Region DropDown plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gds-country-dropdown' shortcode in all versions up to, and including, 1.0…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12474
|
2024-12-14 15:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
