cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-13698,https://securityvulnerability.io/vulnerability/CVE-2024-13698,Unauthorized Data Access in Jobify WordPress Theme by Astoundify,"The Jobify - Job Board WordPress Theme is exposed to a significant security risk due to a lack of capability verification in its 'download_image_via_ai' and 'generate_image_via_ai' functionalities. This oversight allows unauthenticated attackers to send web requests to arbitrary locations, potentially leading to the unauthorized uploading of image files and misuse of the site's OpenAI API key. This vulnerability is present in all versions up to and including 4.2.7, necessitating immediate attention from users to mitigate potential data breaches.",Wordpress,Jobify - Job Board WordPress Theme,6.5,MEDIUM,0.0004600000102072954,false,,false,false,false,false,false,false,2025-01-24T15:21:43.913Z,0
CVE-2024-52478,https://securityvulnerability.io/vulnerability/CVE-2024-52478,Stored XSS Vulnerability Affects Jobify - Job Board WordPress Theme,Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ben Marshall Jobify - Job Board WordPress Theme allows Stored XSS.This issue affects Jobify - Job Board WordPress Theme: from n/a through 4.2.3.,Wordpress,Jobify - Job Board WordPress Theme,6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-12-02T13:48:58.844Z,0
CVE-2024-52479,https://securityvulnerability.io/vulnerability/CVE-2024-52479,CSRF Vulnerability in Jobify - Job Board WordPress Theme,Cross-Site Request Forgery (CSRF) vulnerability in Ben Marshall Jobify - Job Board WordPress Theme allows Cross Site Request Forgery.This issue affects Jobify - Job Board WordPress Theme: from n/a through 4.2.3.,Wordpress,Jobify - Job Board WordPress Theme,4.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-12-02T13:48:58.309Z,0
CVE-2024-52481,https://securityvulnerability.io/vulnerability/CVE-2024-52481,Relative Path Traversal Vulnerability in Astoundify Jobify Theme,"A vulnerability exists in Astoundify's Jobify - Job Board WordPress Theme due to improper restrictions on pathname handling, which may permit attackers to perform relative path traversal. This flaw enables unauthorized access to files outside the expected directory, potentially compromising sensitive information. Users running Jobify versions up to 4.2.3 should be aware of this issue and take action to mitigate risk.",Wordpress,Jobify - Job Board WordPress Theme,7.5,HIGH,0.0004400000034365803,false,,false,false,false,,false,false,2024-11-28T10:35:44.848Z,0