Vulnerabilities in wpjobportal
30 resultsCVE-2024-7950CRITICALWP Job Portal <= 2.1.6 - Missing Authorization to Unauthenticated Local File Inclusion, Arbitrary Settings Update, and User CreationEPSS 1.2%CVE-2026-4758HIGHWP Job Portal <= 2.4.9 - Authenticated (Subscriber+) Arbitrary File Deletion via Resume Custom File FieldEPSS 0.8%CVE-2025-26935HIGHWordPress WP Job Portal plugin <= 2.2.8 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2025-47438HIGHWordPress WP Job Portal plugin <= 2.3.1 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2024-11711HIGHWP Job Portal <= 2.2.1 - Unauthenticated SQL InjectionEPSS 0.5%CVE-2024-13371MEDIUMWP Job Portal <= 2.2.6 - Missing Authorization to Unauthenticated Arbitrary Email SendingEPSS 0.5%CVE-2024-11713MEDIUMWP Job Portal <= 2.2.2 - Authenticated (Admin+) SQL Injection via wpjobportal_deactivate()EPSS 0.5%CVE-2024-11714MEDIUMWP Job Portal <= 2.2.2 - Authenticated (Admin+) SQL Injection via getFieldsForVisibleCombobox()EPSS 0.5%CVE-2024-11710MEDIUMWP Job Portal <= 2.2.2 - Authenticated (Admin+) SQL InjectionEPSS 0.5%CVE-2024-11715MEDIUMWP Job Portal <= 2.2.2 - Missing Authorization to Limited Privilege EscalationEPSS 0.4%CVE-2024-11712MEDIUMWP Job Portal <= 2.2.2 - Missing Authorization to Unauthenticated Arbitrary Resume DownloadEPSS 0.4%CVE-2025-48273HIGHWordPress WP Job Portal plugin <= 2.3.2 - Arbitrary File Download VulnerabilityEPSS 0.4%CVE-2026-4306HIGHWP Job Portal <= 2.4.8 - Unauthenticated SQL Injection via 'radius' ParameterEPSS 0.4%CVE-2024-13372MEDIUMWP Job Portal <= 2.2.6 - Insecure Direct Object Reference to Unauthenticated Arbitrary Resume DownloadEPSS 0.4%CVE-2024-13428MEDIUMWP Job Portal <= 2.2.6 - Insecure Direct Object Reference to Unauthenticated Company Logo DeletionEPSS 0.4%CVE-2024-12132MEDIUMWP Job Portal – A Complete Recruitment System for Company or Job Board website <= 2.2.4 - Authenticated (Subscriber+) Insecure Direct Object ReferenceEPSS 0.4%CVE-2024-43266MEDIUMWordPress WP Job Portal plugin <= 2.1.8 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.4%CVE-2024-13429MEDIUMWP Job Portal <= 2.2.6 - Insecure Direct Object Reference to Authenticated (Employer+) Arbitrary Job DeletionEPSS 0.3%CVE-2024-13425MEDIUMWP Job Portal <= 2.2.6 - Insecure Direct Object Reference to Authenticated (Employer+) Arbitrary Company DeletionEPSS 0.3%CVE-2024-35760MEDIUMWordPress WP Job Portal plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%