ThreatPress

WordPress Vulnerabilities Database

Back

WordPress JobCareer theme - 2.5 - Stored Cross-Site Scripting (XSS) vulnerability

Product
JobCareer
Description
Stored Cross-Site Scripting (XSS) vulnerability found by QUIXSS in WordPress JobCareer theme (version 2.5).
Solution
Update the WordPress JobCareer theme to the latest available version (at least 2.5.1).
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Theme changelog
CVE
Name CVE-N/A
Versions
Affected In 2.5
Fixed In 2.5.1
Disclosure date
2019-06-11
Credits
QUIXSS
Submitter
ThreatPress