Aggregates CVE and security vulnerability intelligence across all joomsky-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk cross-site scripting and vendor risk csrf and related problems; some flaws may lead to vendor impact file overwrite, affecting vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-25444 | Unrestricted Upload of File with Dangerous Type vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Using Malicious Files.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.7. | [email protected] | 9.1 | 0.69% | 2024-05-17 | 2026-06-17 |
| CVE-2022-47151 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1. | [email protected] | 8.6 | 0.44% | 2024-04-17 | 2026-06-17 |
| CVE-2023-31087 | Cross-Site Request Forgery (CSRF) vulnerability in JoomSky JS Job Manager plugin <= 2.0.0 versions. | [email protected] | 5.4 | 0.30% | 2023-11-09 | 2026-06-17 |
| CVE-2023-25963 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in JoomSky JS Job Manager plugin <= 2.0.0 versions. | [email protected] | 5.9 | 0.39% | 2023-06-16 | 2026-06-17 |
| CVE-2019-17527 | dataForDepandantField in models/custormfields.php in the JS JOBS FREE extension before 1.2.7 for Joomla! allows SQL Injection via the index.php?option=com_jsjobs&task=customfields.getfieldtitlebyfieldandfieldfo child parameter. | [email protected] | 9.8 | 1.03% | 2019-12-19 | 2026-06-16 |
| CVE-2018-21002 | The js-support-ticket plugin before 2.0.6 for WordPress has CSRF. | [email protected] | 8.8 | 0.68% | 2019-08-27 | 2026-06-16 |
| CVE-2018-20974 | The js-jobs plugin before 1.0.7 for WordPress has CSRF. | [email protected] | 8.8 | 0.65% | 2019-08-16 | 2026-06-16 |
| CVE-2018-9183 | The Joom Sky JS Jobs extension before 1.2.1 for Joomla! has XSS. | [email protected] | 5.4 | 2.31% | 2018-04-02 | 2026-06-16 |
| CVE-2018-6006 | SQL Injection exists in the JS Autoz 1.0.9 component for Joomla! via the vtype, pre, or prs parameter. | [email protected] | 9.8 | 19.49% | 2018-02-17 | 2026-06-16 |
| CVE-2018-5994 | SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the zipcode parameter in a newest-jobs request, or the ta parameter in a view_resume request. | [email protected] | 9.8 | 2.70% | 2018-02-17 | 2026-06-16 |
| CVE-2018-6007 | CSRF exists in the JS Support Ticket 1.1.0 component for Joomla! and allows attackers to inject HTML or edit a ticket. | [email protected] | 8.8 | 2.31% | 2018-01-29 | 2026-06-16 |