Vulnerabilities and security researches forjs-jobs js-jobs

Jun 06, 2024

CVE, Research URL: CVE-2018-20974
Home page URL: Security reports for JS Job Manager
Application: JS Job Manager
Date: Aug 17, 2019
Research Description: The js-jobs plugin before 1.0.7 for WordPress has CSRF.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2023-25963
Home page URL: Security reports for JS Job Manager
Application: JS Job Manager
Date: Jun 16, 2023
Research Description: Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in JoomSky JS Job Manager plugin <= 2.0.0 versions.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2023-31087
Home page URL: Security reports for JS Job Manager
Application: JS Job Manager
Date: Nov 09, 2023
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in JoomSky JS Job Manager plugin <= 2.0.0 versions.
Affected versions: Min -, max -.
Status: vulnerable

Jun 10, 2024

CVE, Research URL: CVE-2023-28689
Home page URL: Security reports for JS Job Manager
Application: JS Job Manager
Date: Dec 09, 2024
Research Description: Missing Authorization vulnerability in JoomSky JS Job Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Job Manager: from n/a through 2.0.0.
Affected versions: Min -, max -.
Status: vulnerable

Apr 03, 2025

CVE, Research URL: CVE-2025-31868
Home page URL: Security reports for JS Job Manager
Application: JS Job Manager
Date: Apr 01, 2025
Research Description: Missing Authorization vulnerability in JoomSky JS Job Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JS Job Manager: from n/a through 2.0.2.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2025-31867
Home page URL: Security reports for JS Job Manager
Application: JS Job Manager
Date: Apr 01, 2025
Research Description: Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Job Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JS Job Manager: from n/a through 2.0.2.
Affected versions: Min -, max -.
Status: vulnerable

Apr 06, 2025

CVE, Research URL: CVE-2025-32146
Home page URL: Security reports for JS Job Manager
Application: JS Job Manager
Date: Apr 04, 2025
Research Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Job Manager allows PHP Local File Inclusion. This issue affects JS Job Manager: from n/a through 2.0.2.
Affected versions: Min -, max -.
Status: vulnerable