Vulnerabilities (CVE)

Filtered by vendor Themehigh Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-51545 1 Themehigh 1 Job Manager \& Career 2024-01-05 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF), Deserialization of Untrusted Data vulnerability in ThemeHigh Job Manager & Career – Manage job board listings, and recruitments.This issue affects Job Manager & Career – Manage job board listings, and recruitments: from n/a through 1.4.4.
CVE-2023-5906 1 Themehigh 1 Job Manager \& Career 2023-12-10 N/A 7.5 HIGH
The Job Manager & Career WordPress plugin before 1.4.4 contains a vulnerability in the Directory Listings system, which allows an unauthorized user to view and download private files of other users. This vulnerability poses a serious security threat because it allows an attacker to gain access to confidential data and files of other users without their permission.
CVE-2022-3490 1 Themehigh 1 Checkout Field Editor For Woocommerce 2023-12-10 N/A 7.2 HIGH
The Checkout Field Editor (Checkout Manager) for WooCommerce WordPress plugin before 1.8.0 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present
CVE-2022-0783 1 Themehigh 1 Multiple Shipping Addresses For Woocommerce 2023-12-10 7.5 HIGH 9.8 CRITICAL
The Multiple Shipping Address Woocommerce WordPress plugin before 2.0 does not properly sanitise and escape numerous parameters before using them in SQL statements via some AJAX actions available to unauthenticated users, leading to unauthenticated SQL injections