Js Jobs

CVEs (3)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2025-49484	Joomla Js Jobs	Hig	0.60	—	0.01	Jul 18, 2025	A SQL injection vulnerability in the JS Jobs plugin versions 1.0.0-1.4.1 for Joomla allows low-privilege users to execute arbitrary SQL commands via the 'cvid' parameter in the employee application feature.
CVE-2025-54475	Joomla Js Jobs	Hig	0.57	—	0.00	Aug 15, 2025	A SQL injection vulnerability in the JS Jobs plugin versions 1.3.2-1.4.4 for Joomla allows low-privilege users to execute arbitrary SQL commands.
CVE-2018-25327	Joomla Js Jobs	Med	0.34	5.3	0.00	May 17, 2026	Joomla! Component Js Jobs 1.2.0 contains a cross-site request forgery vulnerability that allows attackers to perform state-changing actions without token validation. Attackers can craft malicious HTML forms targeting administrative endpoints like job.jobenforcedelete to delete job entries or modify component settings when administrators visit attacker-controlled pages.

CVE-2025-49484HigJul 18, 2025
Joomla
Js Jobs
risk 0.60cvss —epss 0.01
A SQL injection vulnerability in the JS Jobs plugin versions 1.0.0-1.4.1 for Joomla allows low-privilege users to execute arbitrary SQL commands via the 'cvid' parameter in the employee application feature.
CVE-2025-54475HigAug 15, 2025
Joomla
Js Jobs
risk 0.57cvss —epss 0.00
A SQL injection vulnerability in the JS Jobs plugin versions 1.3.2-1.4.4 for Joomla allows low-privilege users to execute arbitrary SQL commands.
CVE-2018-25327MedMay 17, 2026
Joomla
Js Jobs
risk 0.34cvss 5.3epss 0.00
Joomla! Component Js Jobs 1.2.0 contains a cross-site request forgery vulnerability that allows attackers to perform state-changing actions without token validation. Attackers can craft malicious HTML forms targeting administrative endpoints like job.jobenforcedelete to delete job entries or modify component settings when administrators visit attacker-controlled pages.