"An attacker can submit malicious javascript code (persistent XSS) on some fields of 'add job' form (in frontend). Then, when an admin want to edit (or delete) this job in control page, the malicious payload will be executed." Edit (WPScanTeam) February 26th, 2020 - Vendor contacted via their page (https://wpjobboard.net/contact/) March 5th, 2020 - No response from vendor, disclosing as issue is already public May 21st, 2020 - v5.6.0 released
Mohamad Pishdar (cert.ikiu.ac.ir)
Yes
2020-02-26 (about 3 years ago)
2020-03-05 (about 3 years ago)
2020-11-23 (about 2 years ago)