Vulnerabilities and security researches forwp-job-openings wp-job-openings

Jun 07, 2024

CVE, Research URL: CVE-2023-4933
Home page URL: Security reports for WP Job Openings – Job Listing, Career Page and Recruitment Plugin
Application: WP Job Openings – Job Listing, Career Page and Recruitment Plugin
Date: Oct 17, 2023
Research Description: The WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the directories where it stores attachments to job applications, allowing unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled.
Affected versions: max 3.4.3.
Status: vulnerable

Mar 21, 2025

CVE, Research URL: CVE-2023-45061
Home page URL: Security reports for WP Job Openings – Job Listing, Career Page and Recruitment Plugin
Application: WP Job Openings – Job Listing, Career Page and Recruitment Plugin
Date: Jan 02, 2025
Research Description: Missing Authorization vulnerability in AWSM Innovations WP Job Openings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Openings: from n/a through 3.4.1.
Affected versions: max 3.4.2.
Status: vulnerable