presstigers CVE Vulnerabilities & Metrics

Focus on presstigers vulnerabilities and metrics.

Last updated: 08 Mar 2025, 23:25 UTC

About presstigers Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with presstigers. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total presstigers CVEs: 13
Earliest CVE date: 13 Aug 2019, 17:15 UTC
Latest CVE date: 02 Jan 2025, 12:15 UTC

Latest CVE reference: CVE-2023-47188

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 3

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): -25.0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): -25.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical presstigers CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 1.45

Max CVSS: 4.3

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	11
4.0-6.9	2
7.0-8.9	0
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS presstigers CVEs

These are the five CVEs with the highest CVSS scores for presstigers, sorted by severity first and recency.

CVE-2017-18498 presstigers Published on 13 Aug 2019, 17:15 UTC (CVSS: 4.3)
The simple-job-board plugin before 2.4.4 for WordPress has reflected XSS via keyword search.
CVE-2020-35749 presstigers Published on 15 Jan 2021, 17:15 UTC (CVSS: 4.0)
Directory traversal vulnerability in class-simple_job_board_resume_download_handler.php in the Simple Board Job plugin 2.9.3 and earlier for WordPress allows remote attackers to read arbitrary files via the sjb_file parameter to wp-admin/post.php.
CVE-2022-25612 presstigers Published on 25 Mar 2022, 19:15 UTC (CVSS: 3.5)
Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in Simple Event Planner WordPress plugin <= 1.5.4 allows user with author or higher user rights inject the malicious code via vulnerable parameters: &custom[event_organiser], &custom[organiser_email], &custom[organiser_contact].
CVE-2022-25611 presstigers Published on 25 Mar 2022, 19:15 UTC (CVSS: 3.5)
Authenticated Stored Cross-Site Scripting (XSS) in Simple Event Planner plugin <= 1.5.4 allows attackers with contributor or higher user roles to inject the malicious script by using vulnerable parameter &custom[add_seg][].
CVE-2021-39328 presstigers Published on 21 Oct 2021, 20:15 UTC (CVSS: 3.5)
The Simple Job Board WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping on the $job_board_privacy_policy_label variable echo'd out via the ~/admin/settings/class-simple-job-board-settings-privacy.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 2.9.4. This affects multi-site ...

All CVEs for presstigers

CVE-2023-47188 presstigers vulnerability CVSS: 0 02 Jan 2025, 12:15 UTC

Missing Authorization vulnerability in PressTigers Simple Job Board allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Job Board: from n/a through 2.10.5.

CVE-2024-7351 presstigers vulnerability CVSS: 0 24 Aug 2024, 08:15 UTC

The Simple Job Board plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.12.3 via deserialization of untrusted input when editing job applications. This makes it possible for authenticated attackers, with Editor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.

CVE-2024-1813 presstigers vulnerability CVSS: 0 09 Apr 2024, 19:15 UTC

The Simple Job Board plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.11.0 via deserialization of untrusted input in the job_board_applicant_list_columns_value function. This makes it possible for unauthenticated attackers to inject a PHP Object. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code when a submitted job application is viewed.

CVE-2024-0593 presstigers vulnerability CVSS: 0 21 Feb 2024, 07:15 UTC

The Simple Job Board plugin for WordPress is vulnerable to unauthorized access of data| due to insufficient authorization checking on the fetch_quick_job() function in all versions up to, and including, 2.10.8. This makes it possible for unauthenticated attackers to fetch arbitrary posts, which can be password protected or private and contain sensitive information.

CVE-2023-52122 presstigers vulnerability CVSS: 0 05 Jan 2024, 10:15 UTC

Cross-Site Request Forgery (CSRF) vulnerability in PressTigers Simple Job Board.This issue affects Simple Job Board: from n/a through 2.10.6.

CVE-2023-48283 presstigers vulnerability CVSS: 0 30 Nov 2023, 13:15 UTC

Cross-Site Request Forgery (CSRF) vulnerability in PressTigers Simple Testimonials Showcase allows Cross Site Request Forgery.This issue affects Simple Testimonials Showcase: from n/a through 1.1.5.

CVE-2023-29440 presstigers vulnerability CVSS: 0 10 Nov 2023, 14:15 UTC

Cross-Site Request Forgery (CSRF) vulnerability in PressTigers Simple Job Board plugin <= 2.10.3 versions.

CVE-2022-2558 presstigers vulnerability CVSS: 0 22 Aug 2022, 15:15 UTC

The Simple Job Board WordPress plugin before 2.10.0 is susceptible to Directory Listing which allows the public listing of uploaded resumes in certain configurations.

CVE-2022-25612 presstigers vulnerability CVSS: 3.5 25 Mar 2022, 19:15 UTC

Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in Simple Event Planner WordPress plugin <= 1.5.4 allows user with author or higher user rights inject the malicious code via vulnerable parameters: &custom[event_organiser], &custom[organiser_email], &custom[organiser_contact].

CVE-2022-25611 presstigers vulnerability CVSS: 3.5 25 Mar 2022, 19:15 UTC

Authenticated Stored Cross-Site Scripting (XSS) in Simple Event Planner plugin <= 1.5.4 allows attackers with contributor or higher user roles to inject the malicious script by using vulnerable parameter &custom[add_seg][].

CVE-2021-39328 presstigers vulnerability CVSS: 3.5 21 Oct 2021, 20:15 UTC

The Simple Job Board WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping on the $job_board_privacy_policy_label variable echo'd out via the ~/admin/settings/class-simple-job-board-settings-privacy.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 2.9.4. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.

CVE-2020-35749 presstigers vulnerability CVSS: 4.0 15 Jan 2021, 17:15 UTC

Directory traversal vulnerability in class-simple_job_board_resume_download_handler.php in the Simple Board Job plugin 2.9.3 and earlier for WordPress allows remote attackers to read arbitrary files via the sjb_file parameter to wp-admin/post.php.

CVE-2017-18498 presstigers vulnerability CVSS: 4.3 13 Aug 2019, 17:15 UTC

The simple-job-board plugin before 2.4.4 for WordPress has reflected XSS via keyword search.