PT-2020-20434 · WordPress · Wpjobboard

Published: 2020-02-25 · Updated: 2022-01-01 · CVE-2020-9019

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

WPJobBoard plugin version 5.5.3

Description

The issue allows for Persistent XSS via the Add Job form, specifically affecting the title and Description fields.

Recommendations

For WPJobBoard plugin version 5.5.3, consider disabling the Add Job form until a patch is available to prevent exploitation. Restrict access to the form to minimize the risk of Persistent XSS attacks. Avoid using the vulnerable fields title and Description in the Add Job form until the issue is resolved.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2020-9019

Affected Products

Wpjobboard