Vulnerabilities > Ultimatemember > Jobboardwp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-09 | CVE-2023-23715 | Missing Authorization vulnerability in Ultimatemember Jobboardwp Missing Authorization vulnerability in JobBoardWP JobBoardWP – Job Board Listings and Submissions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JobBoardWP – Job Board Listings and Submissions: from n/a through 1.2.2. | 8.8 |
| 2022-12-19 | CVE-2022-4061 | Unspecified vulnerability in Ultimatemember Jobboardwp The JobBoardWP WordPress plugin before 1.2.2 does not properly validate file names and types in its file upload functionalities, allowing unauthenticated users to upload arbitrary files such as PHP. | 7.5 |
| 2021-10-19 | CVE-2021-39329 | Unspecified vulnerability in Ultimatemember Jobboardwp The JobBoardWP WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/includes/admin/class-metabox.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.0.7. | 4.8 |