Eyecix: >> Jobsearch Wp Job Board >> 1.6.9 Security Vulnerabilities
The JobSearch WP Job Board plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the save_locsettings function in versions up to, and including, 1.8.1. This makes it possible for unauthenticated attackers to change the settings of the plugin.
CVSS Score
5.3
EPSS Score
0.001
Published
2023-06-07
The WP JobSearch WordPress plugin before 1.7.4 did not sanitise or escape multiple of its parameters from the my-resume page before outputting them in the page, allowing low privilege users to use JavaScript payloads in them and leading to a Stored Cross-Site Scripting issue
CVSS Score
5.4
EPSS Score
0.002
Published
2021-07-12
Page 2