Aggregates CVE and security vulnerability intelligence across all wpjobboard-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk cross-site scripting and vendor risk sql injection and related problems; some flaws may lead to vendor impact data exposure, affecting vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-47153 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPJobBoard Jobeleon Theme allows Reflected XSS.This issue affects Jobeleon Theme: from n/a through 1.9.1. | [email protected] | 7.1 | 0.19% | 2024-03-29 | 2026-04-28 |
| CVE-2020-9019 | The WPJobBoard plugin 5.5.3 for WordPress allows Persistent XSS via the Add Job form, as demonstrated by title and Description. | [email protected] | 6.1 | 0.49% | 2020-02-25 | 2024-11-21 |
| CVE-2018-5695 | The WpJobBoard plugin 4.4.4 for WordPress allows SQL injection via the order or sort parameter to the wpjb-job or wpjb-alerts module, with a request to wp-admin/admin.php. | [email protected] | 7.2 | 0.54% | 2018-01-14 | 2024-11-21 |
| CVE-2017-15375 | Multiple client-side cross site scripting vulnerabilities have been discovered in the WpJobBoard v4.5.1 web-application for WordPress. The vulnerabilities are located in the `query` and `id` parameters of the `wpjb-email`, `wpjb-job`, `wpjb-application`, and `wpjb-membership` modules. Remote attackers are able to inject malicious script code to hijack admin session credentials via the backend, or to manipulate the backend on client-side performed requests. The attack vector is non-persistent and | [email protected] | 6.1 | 0.20% | 2017-10-16 | 2026-05-13 |