Vulnerabilities and security researches forjobwp jobwp

Jun 07, 2024

CVE, Research URL: CVE-2023-48288
Home page URL: Security reports for WordPress Job Board and Recruitment Plugin – JobWP
Application: WordPress Job Board and Recruitment Plugin – JobWP
Date: Dec 21, 2023
Research Description: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin – JobWP.This issue affects WordPress Job Board and Recruitment Plugin – JobWP: from n/a through 2.1.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: d3132dc76d8786c1409d32f3771c3624f40c9f5c
Home page URL: Security reports for WordPress Job Board and Recruitment Plugin – JobWP
Application: WordPress Job Board and Recruitment Plugin – JobWP
Date: Jul 26, 2023
Research Description: JobWP – Job Board, Job Listing, Career Page and Recruitment Plugin [jobwp] < 2.0 WordPress WordPress Job Board and Recruitment Plugin – JobWP Plugin < 2.0 is vulnerable to Cross Site Scripting (XSS) Update the plugin to the latest version. Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress WordPress Job Board and Recruitment Plugin – JobWP Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 2.0.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2023-29384
Home page URL: Security reports for WordPress Job Board and Recruitment Plugin – JobWP
Application: WordPress Job Board and Recruitment Plugin – JobWP
Date: Dec 21, 2023
Research Description: Unrestricted Upload of File with Dangerous Type vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin – JobWP.This issue affects WordPress Job Board and Recruitment Plugin – JobWP: from n/a through 2.0.
Affected versions: Min -, max -.
Status: vulnerable

Apr 06, 2025

CVE, Research URL: CVE-2025-32265
Home page URL: Security reports for WordPress Job Board and Recruitment Plugin – JobWP
Application: WordPress Job Board and Recruitment Plugin – JobWP
Date: Apr 04, 2025
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in Hossni Mubarak JobWP allows Cross Site Request Forgery. This issue affects JobWP: from n/a through 2.3.9.
Affected versions: Min -, max -.
Status: vulnerable

Apr 20, 2025

CVE, Research URL: CVE-2025-2010
Home page URL: Security reports for WordPress Job Board and Recruitment Plugin – JobWP
Application: WordPress Job Board and Recruitment Plugin – JobWP
Date: Apr 19, 2025
Research Description: The JobWP – Job Board, Job Listing, Career Page and Recruitment Plugin plugin for WordPress is vulnerable to SQL Injection via the 'jobwp_upload_resume' parameter in all versions up to, and including, 2.3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Affected versions: Min -, max -.
Status: vulnerable

Jun 30, 2025

CVE, Research URL: CVE-2025-49975
Home page URL: Security reports for WordPress Job Board and Recruitment Plugin – JobWP
Application: WordPress Job Board and Recruitment Plugin – JobWP
Date: Jun 20, 2025
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in Hossni Mubarak JobWP allows Cross Site Request Forgery. This issue affects JobWP: from n/a through 2.4.0.
Affected versions: Min -, max -.
Status: vulnerable