Cross-site Scripting in Jobs for WordPress by BlueGlass Interactive AG
CVE-2025-50050

6.5MEDIUM

Key Information:

Vendor: WordPress
Status: Jobs For WordPress
Vendor: CVE Published:; 20 June 2025

What is CVE-2025-50050?

The Jobs for WordPress plugin developed by BlueGlass Interactive AG is affected by a Stored Cross-site Scripting (XSS) vulnerability. This security issue arises from improper neutralization of user input during web page generation, allowing attackers to inject malicious scripts. The vulnerability impacts all versions prior to 2.7.12, potentially compromising the security of websites utilizing this plugin. It is crucial for users to apply necessary updates to safeguard against this type of attack.

Affected Version(s)

Jobs for WordPress <= 2.7.12

References

https://patchstack.com/database/wordpress/plugin/job-post...

vdb-entry

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 20, 2025
Vulnerability Reserved
Jun 11, 2025

Credit

muhammad yudha (Patchstack Alliance)