cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-11925,https://securityvulnerability.io/vulnerability/CVE-2024-11925,Unauthenticated Attackers Can Easily Escalate Privileges on JobSearch WP Job Board Plugin,"The JobSearch WP Job Board plugin for WordPress allows unauthenticated attackers to exploit a privilege escalation vulnerability stemming from inadequate verification of user identities during the email address verification process in the user_account_activation function. This security flaw affects all versions up to and including 2.6.7, enabling unauthorized users to log in as any registered user, potentially including site administrators, provided they have knowledge of the users' email addresses. The oversight creates significant security risks for WordPress sites utilizing this plugin, necessitating prompt action to secure the affected installations.",Wordpress,Jobsearch WP Job Board,9.8,CRITICAL,0.0004299999854993075,false,,false,false,false,,false,false,2024-11-28T07:14:07.539Z,0
CVE-2024-8614,https://securityvulnerability.io/vulnerability/CVE-2024-8614,Arbitrary File Upload Vulnerability in JobSearch WP Job Board Plugin,"The JobSearch WP Job Board plugin for WordPress has a security vulnerability that permits arbitrary file uploads, stemming from insufficient file type validation in the `jobsearch_wp_handle_upload()` function. This flaw affects all versions up to and including 2.6.7, allowing authenticated users, including those with subscriber-level access and higher, to upload malicious files to the server. This successful exploit could pave the way for potential remote code execution, posing significant risks to the integrity and security of the affected WordPress site.",Wordpress,Jobsearch WP Job Board,8.8,HIGH,0.0005000000237487257,false,,false,false,false,,false,false,2024-11-06T09:15:00.000Z,0
CVE-2024-8615,https://securityvulnerability.io/vulnerability/CVE-2024-8615,Unauthenticated File Upload Vulnerability in JobSearch WP Job Board Plugin Could Lead to Remote Code Execution,"The JobSearch WP Job Board plugin for WordPress features a vulnerability that permits unauthenticated attackers to upload arbitrary files to the server. This issue arises from a lack of proper file type validation in the jobsearch_location_load_excel_file_callback() function. All versions of the plugin up to and including 2.6.7 are affected, enabling potential exploitation that could lead to remote code execution on the affected site's infrastructure.",Wordpress,Jobsearch WP Job Board,9.8,CRITICAL,0.000910000002477318,false,,false,false,false,,false,false,2024-11-06T09:15:00.000Z,0
CVE-2021-4364,https://securityvulnerability.io/vulnerability/CVE-2021-4364,Authorization Bypass in JobSearch WP Job Board Plugin for WordPress,"The JobSearch WP Job Board plugin for WordPress has a serious vulnerability that allows authenticated attackers to bypass authorization checks due to a missing capability in the jobsearch_add_job_import_schedule_call() function. This flaw affects versions up to and including 1.8.1, enabling unauthorized modifications to job schedules, thus compromising the integrity and functionality of the application. Site owners using this plugin are advised to update to the latest version immediately to mitigate potential risks.",Wordpress,Jobsearch WP Job Board,4.3,MEDIUM,0.0008999999845400453,false,,false,false,false,,false,false,2023-06-07T01:51:30.752Z,0
CVE-2021-4361,https://securityvulnerability.io/vulnerability/CVE-2021-4361,Authorization Bypass Vulnerability in JobSearch WP Job Board Plugin for WordPress,"The JobSearch WP Job Board plugin, utilized within WordPress sites, is susceptible to an authorization bypass vulnerability. Due to a missing capability check in the jobsearch_job_integrations_settin_save AJAX action, an authenticated attacker may exploit this weakness to modify arbitrary settings on the site. This could lead to unauthorized changes and potential management of site configurations without proper permissions, emphasizing the need for timely updates and security measures.",Wordpress,Jobsearch WP Job Board,8.8,HIGH,0.004220000002533197,false,,false,false,false,,false,false,2023-06-07T01:51:28.550Z,0
CVE-2021-4352,https://securityvulnerability.io/vulnerability/CVE-2021-4352,Authorization Bypass in JobSearch WP Job Board Plugin for WordPress,"The JobSearch WP Job Board plugin for WordPress is susceptible to an authorization bypass due to a lack of capability checks in the save_locsettings function. This vulnerability allows unauthenticated attackers to modify plugin settings, potentially jeopardizing the integrity and security of the WordPress site. Websites utilizing affected versions (up to and including 1.8.1) should prioritize updating the plugin to mitigate risks associated with unauthorized changes.",Wordpress,Jobsearch WP Job Board,5.3,MEDIUM,0.0014299999456852674,false,,false,false,false,,false,false,2023-06-07T01:51:21.174Z,0