The Easy Career Openings plugin for WordPress is not secure in versions up to, and including, 0.4. Attackers can use the ‘jobid’ parameter to exploit the lack of secure escaping on user supplied parameters and insufficient preparation of existing SQL queries. This allows them to add extra SQL queries which they can use to steal sensitive information from the database.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
