cleantalk
Vulnerabilities and Security Researches

JoomSport – for Sports: Team & League, Football, Hockey & more, CVE-2019-14348

CVE, Research URL

CVE-2019-14348

Home page URL

Security reports for JoomSport – for Sports: Team & League, Football, Hockey & more

Application

JoomSport – for Sports: Team & League, Football, Hockey & more

Published on
Aug 05, 2019
Research Description
The BearDev JoomSport plugin 3.3 for WordPress allows SQL injection to steal, modify, or delete database information via the joomsport_season/new-yorkers/?action=playerlist sid parameter.
Affected versions
max 3.4.
Status
vulnerable
Previous vulnerability researches
JoomSport – for Sports: Team & League, Football, Hockey & more (CVE-2023-53601) , Nov 10, 2025
JoomSport – for Sports: Team & League, Football, Hockey & more (CVE-2024-43355) , Aug 20, 2024
JoomSport – for Sports: Team & League, Football, Hockey & more (CVE-2021-24384) , Jun 07, 2024
JoomSport – for Sports: Team & League, Football, Hockey & more (CVE-2019-14348) , Jun 07, 2024
JoomSport – for Sports: Team & League, Football, Hockey & more (CVE-2022-2717) , Jun 07, 2024
New vulnerability
Dynamic User Directory (CVE-2025-62982) , Nov 10, 2025
Responsive Progress Bar (CVE-2025-11883) , Nov 10, 2025
Tab Ultimate (CVE-2025-62060) , Nov 10, 2025
Top Bar Notification (CVE-2025-12412) , Nov 10, 2025
WP Travel Engine – Best Travel Booking WordPress Plugin (CVE-2025-7526) , Nov 10, 2025