Vulnerabilities and security researches forauto-location-for-wp-job-manager auto-location-for-wp-job-manager

Jun 06, 2024

CVE, Research URL: CVE-2023-3344
Home page URL: Security reports for Auto Location for WP Job Manager
Application: Auto Location for WP Job Manager
Date: Jul 24, 2023
Research Description: The Auto Location for WP Job Manager via Google WordPress plugin before 1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Affected versions: max 1.1.
Status: vulnerable