MidnightBSD

Advisories for intensewp

CVE-2017-14751 MEDIUM

The Intense WP "WP Jobs" plugin 1.5 for WordPress has XSS, related to the Job Qualification field.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
intensewp wp_jobs 1.3
intensewp wp_jobs 1.4
intensewp wp_jobs 1.5
intensewp wp_jobs 1.0
intensewp wp_jobs 1.2
intensewp wp_jobs 1.1
CVE-2017-9603 MEDIUM

SQL injection vulnerability in the WP Jobs plugin before 1.5 for WordPress allows authenticated users to execute arbitrary SQL commands via the jobid parameter to wp-admin/edit.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89,

Products Affected

Vendor Product Version
intensewp wp_jobs *