Lucene search
K

70 matches found

Vulnrichment
Vulnrichment
added 2025/02/15 8:10 a.m.11 views

CVE-2025-22209 Extension - joomsky.com - SQL injection in JS jobs component version 1.1.5 - 1.4.3 for Joomla

A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers administrator to execute arbitrary SQL commands via the 'searchpaymentstatus' parameter in the Employer Payment History search feature...

5.8AI score0.00274EPSS
Exploits1References2
CVE
CVE
added 2025/02/15 8:10 a.m.69 views

CVE-2025-22209

CVE-2025-22209 (JS Jobs Joomla plugin) affects JS Jobs plugin versions 1.1.5–1.4.3 for Joomla. The underlying issue is a SQL injection in the Employer Payment History search feature, exploitable by an authenticated administrator via the searchpaymentstatus parameter. Affected component/file: the ...

4.7CVSS8.7AI score0.00274EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/02/15 12:0 a.m.4 views

PT-2025-6941 · Joomla · Js Jobs Plugin

Name of the Vulnerable Software and Affected Versions: JS Jobs plugin for Joomla versions 1.1.5 through 1.4.3 Description: A SQL injection issue allows authenticated attackers, with administrator privileges, to execute arbitrary SQL commands. This is achieved via the filter email parameter in the...

4.7CVSS8.6AI score0.00604EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2025/02/08 4:39 a.m.10 views

CVE-2025-22206

A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.2 for Joomla allows authenticated attackers administrator to execute arbitrary SQL commands via the 'fieldfor' parameter in the GDPR Field feature...

4.7CVSS8.3AI score0.0908EPSS
Exploits1References1
NVD
NVD
added 2025/02/04 3:15 p.m.11 views

CVE-2025-22206

A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.2 for Joomla allows authenticated attackers administrator to execute arbitrary SQL commands via the 'fieldfor' parameter in the GDPR Field feature...

4.7CVSS0.0908EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/02/04 2:20 p.m.13 views

CVE-2025-22206 Extension - joomsky.com - SQL injection in JS jobs component version 1.1.5 - 1.4.2 for Joomla

A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.2 for Joomla allows authenticated attackers administrator to execute arbitrary SQL commands via the 'fieldfor' parameter in the GDPR Field feature...

0.0908EPSS
Exploits1References2
CVE
CVE
added 2025/02/04 2:20 p.m.76 views

CVE-2025-22206

CVE-2025-22206 affects the Joomla JS Jobs plugin versions 1.1.5–1.4.2. The underlying issue is a SQL injection in the GDPR Field feature via the fieldfor parameter, allowing an authenticated administrator to execute arbitrary SQL commands. The vulnerability is confirmed across multiple sources in...

4.7CVSS8.5AI score0.0908EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/02/04 12:0 a.m.5 views

PT-2025-4390 · Joomla · Js Jobs Plugin

Name of the Vulnerable Software and Affected Versions: JS Jobs plugin versions 1.1.5 through 1.4.2 for Joomla Description: A SQL injection issue allows authenticated attackers, specifically administrators, to execute arbitrary SQL commands. This is achieved via the fieldfor parameter in the GDPR...

4.7CVSS7.6AI score0.0908EPSS
Exploits1References5
OSV
OSV
added 2024/11/15 7:15 a.m.0 views

CVE-2024-10104

The Jobs for WordPress plugin before 2.7.8 does not sanitise and escape some of its Job settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks...

5.9CVSS5.8AI score
Exploits0References1
Patchstack
Patchstack
added 2024/09/13 6:29 a.m.6 views

WordPress Cron Jobs plugin <= 1.2.9 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Cron Jobs versions = 1.2.9...

6.1CVSS6.3AI score0.00384EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/09/13 12:0 a.m.4 views

WordPress plugin Cron Jobs 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS5.8AI score0.00384EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/04/12 11:29 a.m.4 views

WordPress Jobs for WordPress plugin <= 2.7.5 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Jobs for WordPress versions = 2.7.5...

7.1CVSS6.1AI score0.00397EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/01/15 4:15 p.m.4 views

CVE-2023-6843

The easy.jobs- Best Recruitment Plugin for Job Board Listing, Manager, Career Page for Elementor & Gutenberg WordPress plugin before 2.4.7 does not properly secure some of its AJAX actions, allowing any logged-in users to modify its settings...

4.3CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2023/05/03 4:15 p.m.26 views

CVE-2023-26017

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in BlueGlass Jobs for WordPress plugin = 2.5.10.2 versions...

5.9CVSS5.5AI score0.00369EPSS
Exploits0References1
NVD
NVD
added 2023/01/02 4:15 p.m.10 views

CVE-2014-125035

A vulnerability classified as problematic was found in Jobs-Plugin. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. The identifier of the patch is b8a56718b1d42834c6ec51d9c489c5dc20471d7b. It is...

6.1CVSS4.5AI score0.00579EPSS
Exploits0References4
Prion
Prion
added 2023/01/02 4:15 p.m.14 views

Cross site scripting

A vulnerability classified as problematic was found in Jobs-Plugin. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. The identifier of the patch is b8a56718b1d42834c6ec51d9c489c5dc20471d7b. It is...

4CVSS6.6AI score0.00579EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2023/01/02 4:0 p.m.42 views

CVE-2014-125035

CVE-2014-125035 concerns the Jobs-Plugin and describes a cross-site scripting (XSS) vulnerability in an unknown functionality. The issue is exploitable remotely via network access, with the underlying cause not fully detailed in the provided documents, but a patch identifier is given: b8a56718b1d...

6.1CVSS4.8AI score0.00579EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2023/01/02 4:0 p.m.15 views

CVE-2014-125035 Jobs-Plugin cross site scripting

A vulnerability classified as problematic was found in Jobs-Plugin. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. The identifier of the patch is b8a56718b1d42834c6ec51d9c489c5dc20471d7b. It is...

4CVSS6AI score0.00579EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/01/02 12:0 a.m.2 views

Jobs-Plugin 跨站脚本漏洞

Jobs-Plugin is a plugin by Bobby Bryant Personal Developer. Jobs-Plugin suffers from a cross-site scripting vulnerability. An attacker could exploit this vulnerability to perform cross-site scripting attacks...

6.1CVSS4.8AI score0.00579EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/01/02 12:0 a.m.4 views

PT-2023-10105 · Unknown · Jobs-Plugin

Name of the Vulnerable Software and Affected Versions: Jobs-Plugin affected versions not specified Description: A problematic vulnerability was found in the Jobs-Plugin, affecting an unknown functionality, which leads to cross-site scripting. The attack can be launched remotely. Recommendations: ...

6.1CVSS6.5AI score0.00579EPSS
Exploits0References7
Rows per page
Query Builder