Detections
Analytics

CVE-2022-1167

medium

Description

There are unauthenticated reflected Cross-Site Scripting (XSS) vulnerabilities in CareerUp Careerup WordPress theme before 2.3.1, via the filter parameters.

References

https://wpscan.com/vulnerability/a30a1430-c474-4cd1-877c-35c4ab624170

https://themeforest.net/item/careerup-job-board-wordpress-theme/24002090

https://m0ze.ru/vulnerability/%5B2020-06-17%5D-%5BWordPress%5D-%5BCWE-79%5D-CareerUp-WordPress-Theme-v2.3.0.txt

Details

Source: Mitre, NVD

Published: 2022-04-04

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00126