PT-2026-27903 · Nootheme · Jobmonster
Published
2026-03-25
·
Updated
2026-03-30
·
CVE-2026-25340
CVSS v3.1
9.3
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
NooTheme Jobmonster versions prior to 4.8.4
Description
The software contains an Improper Neutralization of Special Elements used in an SQL Command issue, also known as a SQL Injection. This allows for Blind SQL Injection. The
SQL command is improperly neutralized, leading to this issue.Recommendations
Update to a version newer than 4.8.4.
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Jobmonster