{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-14T10:47:34.244","vulnerabilities":[{"cve":{"id":"CVE-2025-31867","sourceIdentifier":"audit@patchstack.com","published":"2025-04-01T15:16:28.820","lastModified":"2026-04-23T15:28:27.040","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Job Manager js-jobs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Job Manager: from n/a through <= 2.0.2."},{"lang":"es","value":"Vulnerabilidad de omisión de autorización mediante clave controlada por el usuario en JoomSky JS Job Manager permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta al Administrador de tareas JS desde la versión n/d hasta la 2.0.2."}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":2.5}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:joomsky:js_job_manager:*:*:*:*:*:wordpress:*:*","versionEndIncluding":"2.0.2","matchCriteriaId":"1CA1736C-B5A4-44FB-99A8-CFDC7F25DDA1"}]}]}],"references":[{"url":"https://patchstack.com/database/Wordpress/Plugin/js-jobs/vulnerability/wordpress-js-job-manager-plugin-2-0-2-insecure-direct-object-references-idor-vulnerability?_s_id=cve","source":"audit@patchstack.com","tags":["Third Party Advisory"]}]}}]}