WordPress Plugin Vulnerabilities

neuvoo-jobroll <= 2.0 - Unauthenticated Reflected Cross-Site Scripting (XSS)

Description

The neuvoo-jobroll WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

Plugin icon
neuvoo-jobroll
No known fix

References

CVE
CVE-2015-9404
CVE
CVE-2015-9403
URL
https://packetstormsecurity.com/files/#134240/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
5dd75bc6-81d1-413e-8bd2-4ced23ce521b

Timeline

Publicly Published
2015-11-05 (about 10 years ago)
Added
2015-11-09 (about 10 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2018-12-28
Title
Order XML File Export Import for WooCommerce <= 1.2.2 - XSS
Published
2025-12-11
Title
WPLG Default Mail From <= 1.0.0 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF']
Published
2022-02-07
Title
Multisite Content Copier/Updater < 2.1.0 - Reflected Cross-Site Scripting
Published
2011-09-27
Title
Hybrid < 0.10 - XSS
Published
2022-11-02
Title
AgentEasy Properties <= 1.0.4 - Admin+ Stored XSS