CVE-2022-1168
published 2022-04-04CVE-2022-1168: There is a Cross-Site Scripting vulnerability in the JobSearch WP JobSearch WordPress plugin before 1.5.1.
PriorityP336medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EXPLOIT
EPSS
1.85%
76.4th percentile
There is a Cross-Site Scripting vulnerability in the JobSearch WP JobSearch WordPress plugin before 1.5.1.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| eyecix | jobsearch_wp_job_board | < 1.5.1 | 1.5.1 |
CVSS provenance
nvdv3.16.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
WordPress WP JobSearch <1.5.1 - Cross-Site Scripting
nuclei·CVSS 6.1
CVE-2022-1168 [MEDIUM] WordPress WP JobSearch <1.5.1 - Cross-Site Scripting
WordPress WP JobSearch "
- "wp-jobsearch"
condition: and
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 404
# digest: 4b0a00483046022100a67a402a3e3eb17cb0f44772f8e52574e5ea93f25c076dfa87b9d981aac729e4022100cc029e7364f00925e363e299ecdef072a9b7225cecb5f8e8a89fbbefb516b0bf:922c64590222798bb761d5b6d8e72950
2022-04-04
Published