CVE-2025-31867

UNKNOWN 0.0

WordPress JS Job Manager Plugin <= 2.0.2 - Insecure Direct Object References (IDOR) vulnerability

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Job Manager js-jobs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Job Manager: from n/a through <= 2.0.2.

CWE	CWE-639
Vendor	joomsky
Product	js job manager
Published	Apr 1, 2025
Last Updated	Apr 1, 2026

Stay Ahead of the Next One

Get instant alerts for joomsky js job manager

Be the first to know when new unknown vulnerabilities affecting joomsky js job manager are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

JoomSky / JS Job Manager

0 ≤ 2.0.2

References

NVD ↗ CVE.org ↗ EPSS Data ↗

patchstack.com: https://patchstack.com/database/Wordpress/Plugin/js-jobs/vulnerability/wordpress-js-job-manager-plugin-2-0-2-insecure-direct-object-references-idor-vulnerability?_s_id=cve

Credits

Tran Hoang Tuan Kiet | Patchstack Bug Bounty Program