Local File Inclusion Vulnerability in JoomSky JS Job Manager
CVE-2025-32627

8.1HIGH

Key Information:

Vendor: Joomsky
Status: Js Job Manager
Vendor: CVE Published:; 11 April 2025

Summary

The JoomSky JS Job Manager plugin is susceptible to a local file inclusion vulnerability due to improper handling of file inclusion methods. An attacker could exploit this weakness to gain unauthorized access to sensitive files on the server, potentially leading to further attacks and data breaches. It is crucial for users of affected versions to update their systems promptly to mitigate the risk associated with this vulnerability.

Affected Version(s)

JS Job Manager <= 2.0.2

References

https://patchstack.com/database/wordpress/plugin/js-jobs/...

vdb-entry

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 11, 2025
Vulnerability Reserved
Apr 9, 2025

Credit

Trương Hữu Phúc (truonghuuphuc) (Patchstack Alliance)