CVE-2021-39329

Name of the Vulnerable Software and Affected Versions: JobBoardWP WordPress plugin versions up to and including 1.0.7

Description: The issue arises from insufficient input validation and sanitization via several parameters found in the ~/includes/admin/class-metabox.php file. This allows attackers with administrative user access to inject arbitrary web scripts. The vulnerability affects multi-site installations where unfiltered html is disabled for administrators, as well as sites where unfiltered html is disabled.

Recommendations: For versions up to and including 1.0.7, update to a version that includes the necessary input validation and sanitization fixes to prevent Stored Cross-Site Scripting attacks. As a temporary workaround, consider restricting administrative access and enabling unfiltered html for administrators to minimize the risk of exploitation.