Exploit for JobMonster < 4.5.2.9 - Cross-Site Scripting (CVE-2022-1170)

Description:

The JobMonster theme before 4.5.2.9 has an XSS vulnerability: input to the search form is supplied through GET requests and is not sanitized.

Nuclei Template

View the template here: CVE-2022-1170.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2022/CVE-2022-1170.yaml

References:

https://themeforest.net/item/jobmonster-job-board-wordpress-theme/10965446
https://nvd.nist.gov/vuln/detail/CVE-2022-1170
https://wpscan.com/vulnerability/2ecb18e6-b575-4a20-bd31-94d24f1d1efc