Lucene search
K
JoomskyJs Job Manager

11 matches found

CVE
CVE
added 2019/08/16 8:15 p.m.378 views

CVE-2018-20974

CVE-2018-20974 affects the WordPress plugin js-jobs (JS Job Manager) prior to version 1.0.7. The root cause is CSRF due to insufficient verification of trusted-user requests, enabling forgery of cross-site actions. Impact details are limited to what is stated in the sources (CSRF with potential f...

8.8CVSS8.7AI score0.00649EPSS
CVE
CVE
added 2024/12/09 11:31 a.m.69 views

CVE-2023-28689

CVE-2023-28689 : WordPress plugin JS Job Manager (versions

6.5CVSS8.5AI score0.0049EPSS
CVE
CVE
added 2025/04/17 3:47 p.m.67 views

CVE-2025-32660

CVE-2025-32660 : WordPress JS Job Manager plugin versions n/a–2.0.2 is vulnerable to Unrestricted Upload of File with Dangerous Type, enabling an attacker to upload a Web Shell to the server. Root cause: improper validation of uploaded file types allows arbitrary file uploads. Current references ...

10CVSS7.2AI score0.00403EPSS
CVE
CVE
added 2025/04/04 3:58 p.m.56 views

CVE-2025-32146

CVE-2025-32146 affects the WordPress plugin JS Job Manager (affected: v2.0.2 and earlier). The issue is an improper control of filename for PHP include/require, enabling PHP Local File Inclusion (and described as PHP Remote File Inclusion) with an authenticated attacker (Contributor+) to exploit....

8.8CVSS7.2AI score0.00719EPSS
CVE
CVE
added 2025/04/17 3:47 p.m.55 views

CVE-2025-32626

CVE-2025-32626 is a SQL Injection vulnerability in WordPress JS Job Manager (affected: versions up to 2.0.2) due to improper neutralization of special elements in SQL commands. Exploitation could lead to unauthorized data access and modification (high impact on confidentiality and integrity; avai...

9.8CVSS7.3AI score0.00446EPSS
CVE
CVE
added 2025/04/01 2:52 p.m.54 views

CVE-2025-31868

CVE-2025-31868: Missing Authorization in the WordPress plugin JS Job Manager (JS Job Manager) allows an authenticated attacker (Contributor+ level) to exploit Local File Inclusion in versions up to 2.0.2. The vulnerability affects the plugin and is tracked publicly under CVE-2025-31868. Exploitat...

5.3CVSS7.2AI score0.0032EPSS
CVE
CVE
added 2025/04/11 8:43 a.m.53 views

CVE-2025-32627

CVE-2025-32627 affects the WordPress plugin JS Job Manager (JS Job Manager) up to version 2.0.2. It is an Unauthenticated Local File Inclusion vulnerability in the PHP include/require handling, enabling an attacker to influence file inclusion without authentication. The CVE entry indicates an imp...

8.1CVSS7.2AI score0.00837EPSS
CVE
CVE
added 2023/06/16 8:41 a.m.51 views

CVE-2023-25963

CVE-2023-25963 affects the WordPress plugin JS Job Manager (versions

5.9CVSS5AI score0.00394EPSS
CVE
CVE
added 2023/11/09 5:57 p.m.49 views

CVE-2023-31087

CVE-2023-31087 – JoomSky JS Job Manager (WordPress) CSRF vulnerability in versions 2.0.0, specifically 2.0.1 per PatchStack, to mitigate. Impact is described variably across sources; Wordfence lists CSRF via multiple functions and patch status as Patched, while CVSS scales differ between sources...

8.8CVSS8.8AI score0.00315EPSS
CVE
CVE
added 2025/04/01 2:52 p.m.49 views

CVE-2025-31867

CVE-2025-31867 concerns the WordPress plugin JS Job Manager . Connected material provides concrete detail for the same plugin: “JS Job Manager <= 2.0.2 – Authenticated (Contributor+) Local File Inclusion” (CVE-2025-32146). This confirms a Local File Inclusion vulnerability in JS Job Manager wh...

5.4CVSS7.2AI score0.00356EPSS
CVE
CVE
added 2025/09/22 6:23 p.m.14 views

CVE-2025-58234

CVE-2025-58234 is a Stored XSS vulnerability in the WordPress plugin JS Job Manager. Connected sources identify the affected component as JS Job Manager and specify vulnerability type as Stored Cross-Site Scripting, affecting versions up to and including 2.0.2. The Wordfence report lists CVSS v3....

6.5CVSS5.9AI score0.00197EPSS