|
2091
|
4.9 |
MEDIUM
Network
|
-
|
-
|
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to SQL Injection via the 'ff' parameter of the getFieldsForVisibleCombobox() func…
|
CWE-89
SQL Injection
|
CVE-2024-11714
|
2024-12-14 16:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2092
|
4.9 |
MEDIUM
Network
|
-
|
-
|
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to SQL Injection via the 'page_id' parameter of the wpjobportal_deactivate() func…
|
CWE-89
SQL Injection
|
CVE-2024-11713
|
2024-12-14 16:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2093
|
5.3 |
MEDIUM
Network
-
|
-
|
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getResume…
|
CWE-359
Exposure of Private Personal Information to an Unauthorized Actor
|
CVE-2024-11712
|
2024-12-14 16:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2094
|
7.5 |
HIGH
Network
-
|
-
|
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to SQL Injection via the 'resumeid' parameter in all versions up to, and includin…
|
CWE-89
SQL Injection
|
CVE-2024-11711
|
2024-12-14 16:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2095
|
4.9 |
MEDIUM
Network
|
-
|
-
|
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to SQL Injection via the 'fieldfor', 'visibleParent' and 'id' parameters in all v…
|
CWE-89
SQL Injection
|
CVE-2024-11710
|
2024-12-14 16:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2096
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Simple Locator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 2.0.3 due to insufficient input sanitization and…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12501
|
2024-12-14 15:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2097
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The GeoDataSource Country Region DropDown plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gds-country-dropdown' shortcode in all versions up to, and including, 1.0…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12474
|
2024-12-14 15:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2098
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Ganohrs Toggle Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'toggle' shortcode in all versions up to, and including, 0.2.4 due to insufficient inpu…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12459
|
2024-12-14 15:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2099
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Import Eventbrite Events plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.7.4 due to insufficient input saniti…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12422
|
2024-12-14 15:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2100
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Eveeno plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'eveeno' shortcode in all versions up to, and including, 1.7 due to insufficient input sanitization and o…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11752
|
2024-12-14 15:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
