Vulnerabilities > Eyecix

DATE CVE VULNERABILITY TITLE RISK
2023-06-07 CVE-2021-4352 Incorrect Authorization vulnerability in Eyecix Jobsearch WP JOB Board 1.5.1/1.7.4
The JobSearch WP Job Board plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the save_locsettings function in versions up to, and including, 1.8.1.
network
low complexity
eyecix CWE-863
5.3
5.3
2023-06-07 CVE-2021-4361 Missing Authorization vulnerability in Eyecix Jobsearch WP JOB Board 1.5.1/1.7.4
The JobSearch WP Job Board plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the jobsearch_job_integrations_settin_save AJAX action in versions up to, and including, 1.8.1.
network
low complexity
eyecix CWE-862
8.8
8.8
2023-06-07 CVE-2021-4364 Missing Authorization vulnerability in Eyecix Jobsearch WP JOB Board 1.5.1/1.7.4
The JobSearch WP Job Board plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the jobsearch_add_job_import_schedule_call() function in versions up to, and including, 1.8.1.
network
low complexity
eyecix CWE-862
4.3
4.3
2022-04-04 CVE-2022-1168 Cross-site Scripting vulnerability in Eyecix Jobsearch WP JOB Board
There is a Cross-Site Scripting vulnerability in the JobSearch WP JobSearch WordPress plugin before 1.5.1.
network
eyecix CWE-79
4.3
4.3
2022-04-04 CVE-2022-1169 Cross-site Scripting vulnerability in Eyecix Careerfy
There is a XSS vulnerability in Careerfy.
network
eyecix CWE-79
4.3
4.3
2021-07-12 CVE-2021-24421 Cross-site Scripting vulnerability in Eyecix Jobsearch WP JOB Board 1.5.1
The WP JobSearch WordPress plugin before 1.7.4 did not sanitise or escape multiple of its parameters from the my-resume page before outputting them in the page, allowing low privilege users to use JavaScript payloads in them and leading to a Stored Cross-Site Scripting issue
network
low complexity
eyecix CWE-79
5.4
5.4