← back
CVE-2022-1168

JobSearch < 1.5.1 - Unauthenticated Reflected Cross-Site Scripting (XSS)

EPSS 1.8%CWE-79
Vexday Risk Score
18Low
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS EPSS 1.8%KEV nãoPoC Nuclei simMetasploit Patch
Lifecycle
04 Apr 2022Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
There is a Cross-Site Scripting vulnerability in the JobSearch WP JobSearch WordPress plugin before 1.5.1.
Affected products
Unknown · WP JobSearch

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://codecanyon.net/item/jobsearch-wp-job-board-wordpress-plugin/21066856https://wpscan.com/vulnerability/bcf38e87-011e-4540-8bfb-c93443a4a490