VYPR

Joomsport

by Beardev

CVEs (4)

  • CVE-2022-2718HigSep 6, 2022
    risk 0.47cvss 7.2epss 0.01

    The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter on the joomsport-page-extrafields page in versions up to, and including, 5.2.5 due to insufficient escaping on the user supplied…

  • CVE-2022-2717HigSep 6, 2022
    risk 0.47cvss 7.2epss 0.01

    The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter on the joomsport-events-form page in versions up to, and including, 5.2.5 due to insufficient escaping on the user supplied…

  • CVE-2024-44031MedNov 1, 2024
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in beardev JoomSport joomsport-sports-league-results-management.This issue affects JoomSport: from n/a through <= 5.6.3.

  • CVE-2024-43355Nov 1, 2024
    risk 0.00cvss epss 0.00

    Missing Authorization vulnerability in BearDev JoomSport allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JoomSport: from n/a through 5.3.0.