浏览 61+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-4758 | WP Job Portal <= 2.4.9 - Authenticated (Subscriber+) Arbitrary File Deletion via Resume Custom File Field | wpjobportal | WP Job Portal – AI-Powered Recruitment System for Company or Job Board website | High | 8.8 | 2026-03-25 23:26:02 | Deep Dive |
| CVE-2026-4306 | WP Job Portal <= 2.4.8 - Unauthenticated SQL Injection via 'radius' Parameter | wpjobportal | WP Job Portal – AI-Powered Recruitment System for Company or Job Board website | High | 7.5 | 2026-03-23 22:25:40 | Deep Dive |
| CVE-2025-14467 | WP Job Portal <= 2.4.4 - Authenticated (Editor+) Stored Cross-Site Scripting via Job Description Field | wpjobportal | WP Job Portal – AI-Powered Recruitment System for Company or Job Board website | Medium | 4.4 | 2025-12-12 03:20:39 | Deep Dive |
| CVE-2025-14293 | WP Job Portal <= 2.4.0 - Authenticated (Subscriber+) Arbitrary File Read | wpjobportal | WP Job Portal – AI-Powered Recruitment System for Company or Job Board website | Medium | 6.5 | 2025-12-11 20:22:09 | Deep Dive |
| CVE-2024-12812 | WP ERP < 1.13.4 - Custom+ Unauthorized Access to Terminated Employee Information | Unknown | WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting | - | - | 2025-05-15 20:06:58 | Deep Dive |
| CVE-2024-12808 | WP ERP | Complete HR solution with recruitment < 1.13.4 - Admin+ Stored XSS | Unknown | WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting | - | - | 2025-05-15 20:06:57 | Deep Dive |
| CVE-2025-2010 | JobWP – Job Board, Job Listing, Career Page and Recruitment Plugin <= 2.3.9 - Unauthenticated SQL Injection | mhmrajib | JobWP – Job Board, Job Listing, Career Page and Recruitment Plugin | High | 7.5 | 2025-04-19 02:22:34 | Deep Dive |
| CVE-2024-13873 | WP Job Portal <= 2.2.8 - Insecure Direct Object Reference to Authenticated (Subscriber+) User Photo Disconnection | wpjobportal | WP Job Portal – AI-Powered Recruitment System for Company or Job Board website | Medium | 4.3 | 2025-02-22 03:20:59 | Deep Dive |
| CVE-2025-1190 | code-projects Job Recruitment load_user-profile.php cross site scripting | code-projects | Job Recruitment | Low | 3.5 | 2025-02-12 10:00:10 | Deep Dive |
| CVE-2025-1162 | code-projects Job Recruitment load\_user-profile.php sql injection | code-projects | Job Recruitment | Medium | 6.3 | 2025-02-10 23:00:07 | Deep Dive |
| CVE-2025-0961 | code-projects Job Recruitment load_job-details.php cross site scripting | code-projects | Job Recruitment | Low | 3.5 | 2025-02-01 22:31:05 | Deep Dive |
| CVE-2024-13371 | WP Job Portal <= 2.2.6 - Missing Authorization to Unauthenticated Arbitrary Email Sending | wpjobportal | WP Job Portal – AI-Powered Recruitment System for Company or Job Board website | Medium | 5.3 | 2025-02-01 07:21:40 | Deep Dive |
| CVE-2024-13372 | WP Job Portal <= 2.2.6 - Insecure Direct Object Reference to Unauthenticated Arbitrary Resume Download | wpjobportal | WP Job Portal – AI-Powered Recruitment System for Company or Job Board website | Medium | 5.3 | 2025-02-01 07:21:40 | Deep Dive |
| CVE-2024-13425 | WP Job Portal <= 2.2.6 - Insecure Direct Object Reference to Authenticated (Employer+) Arbitrary Company Deletion | wpjobportal | WP Job Portal – AI-Powered Recruitment System for Company or Job Board website | Medium | 4.3 | 2025-02-01 07:21:39 | Deep Dive |
| CVE-2024-13428 | WP Job Portal <= 2.2.6 - Insecure Direct Object Reference to Unauthenticated Company Logo Deletion | wpjobportal | WP Job Portal – AI-Powered Recruitment System for Company or Job Board website | Medium | 5.3 | 2025-02-01 07:21:39 | Deep Dive |
| CVE-2024-13429 | WP Job Portal <= 2.2.6 - Insecure Direct Object Reference to Authenticated (Employer+) Arbitrary Job Deletion | wpjobportal | WP Job Portal – AI-Powered Recruitment System for Company or Job Board website | Medium | 4.3 | 2025-02-01 07:21:38 | Deep Dive |
| CVE-2025-0934 | code-projects Job Recruitment _call_job_search_ajax.php sql injection | code-projects | Job Recruitment | Medium | 6.3 | 2025-01-31 19:31:04 | Deep Dive |
| CVE-2025-0806 | code-projects Job Recruitment _call_job_search_ajax.php cross site scripting | code-projects | Job Recruitment | Medium | 4.3 | 2025-01-29 02:31:04 | Deep Dive |
| CVE-2025-0530 | code-projects Job Recruitment _feedback_system.php cross site scripting | code-projects | Job Recruitment | Low | 3.5 | 2025-01-17 15:31:06 | Deep Dive |
| CVE-2024-12131 | WP Job Portal – A Complete Recruitment System for Company or Job Board website <= 2.2.5- Authenticated (Subscriber+) Insecure Direct Object Reference | wpjobportal | WP Job Portal – AI-Powered Recruitment System for Company or Job Board website | Medium | 4.3 | 2025-01-07 12:43:41 | Deep Dive |