← back
CVE-2022-1167

CareerUp < 2.3.1 - Unauthenticated Reflected Cross-Site Scripting

EPSS 1.1%CWE-79
There are unauthenticated reflected Cross-Site Scripting (XSS) vulnerabilities in CareerUp Careerup WordPress theme before 2.3.1, via the filter parameters.
Affected products
Unknown · Careerup

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://m0ze.ru/vulnerability/%5B2020-06-17%5D-%5BWordPress%5D-%5BCWE-79%5D-CareerUp-WordPress-Theme-v2.3.0.txthttps://themeforest.net/item/careerup-job-board-wordpress-theme/24002090https://wpscan.com/vulnerability/a30a1430-c474-4cd1-877c-35c4ab624170