cbcvebase.

Eyecix Jobsearch vulnerabilities

13 known vulnerabilities affecting eyecix/jobsearch.

Total CVEs
13
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL6HIGH5MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2025-62025P3CRITICALCVSS 9.8≤ 3.0.82025-10-22
CVE-2025-62025 [CRITICAL] CWE-502 CVE-2025-62025: Deserialization of Untrusted Data vulnerability in eyecix JobSearch wp-jobsearch.This issue affects Deserialization of Untrusted Data vulnerability in eyecix JobSearch wp-jobsearch.This issue affects JobSearch: from n/a through < 3.0.8.
nvd
CVE-2024-43245P3CRITICALCVSS 9.8≥ n/a, ≤ 2.3.42024-08-19
CVE-2024-43245 [CRITICAL] CWE-269 CVE-2024-43245: Improper Privilege Management vulnerability in eyecix JobSearch allows Privilege Escalation.This iss Improper Privilege Management vulnerability in eyecix JobSearch allows Privilege Escalation.This issue affects JobSearch: from n/a through 2.3.4.
nvd
CVE-2024-47636P3CRITICALCVSS 9.8≤ 2.5.92024-10-10
CVE-2024-47636 [CRITICAL] CWE-502 CVE-2024-47636: Deserialization of Untrusted Data vulnerability in eyecix JobSearch wp-jobsearch allows Object Injec Deserialization of Untrusted Data vulnerability in eyecix JobSearch wp-jobsearch allows Object Injection.This issue affects JobSearch: from n/a through <= 2.5.9.
nvd
CVE-2024-43931P3CRITICALCVSS 9.8≥ n/a, ≤ 2.5.32024-08-29
CVE-2024-43931 [CRITICAL] CWE-502 CVE-2024-43931: Deserialization of Untrusted Data vulnerability in eyecix JobSearch allows Object Injection.This iss Deserialization of Untrusted Data vulnerability in eyecix JobSearch allows Object Injection.This issue affects JobSearch: from n/a through 2.5.3.
nvd
CVE-2024-43929P3CRITICALCVSS 9.8≥ n/a, ≤ 2.5.42024-11-01
CVE-2024-43929 [CRITICAL] CWE-862 CVE-2024-43929: Missing Authorization vulnerability in eyecix JobSearch allows Accessing Functionality Not Properly Missing Authorization vulnerability in eyecix JobSearch allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JobSearch: from n/a through 2.5.4.
nvd
CVE-2024-43928P3HIGHCVSS 8.8≥ n/a, ≤ 2.5.42024-11-01
CVE-2024-43928 [HIGH] CWE-862 CVE-2024-43928: Missing Authorization vulnerability in eyecix JobSearch allows Exploiting Incorrectly Configured Acc Missing Authorization vulnerability in eyecix JobSearch allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JobSearch: from n/a through 2.5.4.
nvd
CVE-2025-52806P3HIGHCVSS 7.5≤ 3.0.82025-08-14
CVE-2025-52806 [HIGH] CWE-98 CVE-2025-52806: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in eyecix JobSearch wp-jobsearch allows PHP Local File Inclusion.This issue affects JobSearch: from n/a through < 3.0.8.
nvd
CVE-2026-32493P4HIGHCVSS 7.1≥ n/a, ≤ <= 3.2.02026-03-25
CVE-2026-32493 [HIGH] CWE-79 CVE-2026-32493: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eyecix JobSearch wp-jobsearch allows Reflected XSS.This issue affects JobSearch: from n/a through <= 3.2.0.
nvd
CVE-2024-47394P4HIGHCVSS 7.1≤ 2.5.92024-10-05
CVE-2024-47394 [HIGH] CWE-79 CVE-2024-47394: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eyecix JobSearch wp-jobsearch allows Reflected XSS.This issue affects JobSearch: from n/a through <= 2.5.9.
nvd
CVE-2025-52798P4HIGHCVSS 7.1≤ 3.0.62025-07-04
CVE-2025-52798 [HIGH] CWE-79 CVE-2025-52798: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eyecix JobSearch wp-jobsearch allows Reflected XSS.This issue affects JobSearch: from n/a through < 3.0.6.
nvd
CVE-2025-49978P4MEDIUMCVSS 4.3≤ 3.0.62025-06-20
CVE-2025-49978 [MEDIUM] CWE-639 CVE-2025-49978: Authorization Bypass Through User-Controlled Key vulnerability in eyecix JobSearch wp-jobsearch allo Authorization Bypass Through User-Controlled Key vulnerability in eyecix JobSearch wp-jobsearch allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JobSearch: from n/a through < 3.0.6.
nvd
CVE-2024-43930P4MEDIUMCVSS 4.3≥ n/a, ≤ 2.5.32024-10-31
CVE-2024-43930 [MEDIUM] CWE-352 CVE-2024-43930: Cross-Site Request Forgery (CSRF) vulnerability in eyecix JobSearch allows Cross Site Request Forger Cross-Site Request Forgery (CSRF) vulnerability in eyecix JobSearch allows Cross Site Request Forgery.This issue affects JobSearch: from n/a through 2.5.3.
nvd
CVE-2026-54186CRITICALCVSS 9.3≥ n/a, ≤ 3.2.92026-06-17
CVE-2026-54186 [CRITICAL] CWE-89 WordPress JobSearch plugin <= 3.2.9 - SQL Injection vulnerability WordPress JobSearch plugin <= 3.2.9 - SQL Injection vulnerability Unauthenticated SQL Injection in JobSearch <= 3.2.9 versions.
cvelistv5
Eyecix Jobsearch vulnerabilities | cvebase