ThreatPress

WordPress Vulnerabilities Database

WordPress Job Manager Plugin 0.7.22 - Persistent XSS

Product
Job Manager
Description
The Job Manager plugin is prone to a persistent XSS vulnerability because the email field was not sanitized. It allows an attacker to steal cookies or perform phishing attacks. Other attacks are also possible.
Solution
Update the plugin.
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Exploit-DB
CVE
Name CVE-2015-2321
Versions
Affected In <= 0.7.22
Fixed In 0.7.23
Disclosure date
2015-08-07
Credits
Owais Mehtab