Known Vulnerabilities for Jnews by Joobi
Listed below are 3 of the newest known vulnerabilities associated with "Jnews" by "Joobi".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-67591 json | Cross-Site Request Forgery (CSRF) vulnerability in jegtheme JNews Paywall jnews-paywall allows Cross Site Request Forgery.Thi... | Not Provided | 2025-12-09 | 2026-04-23 |
| CVE-2025-39373 json | Missing Authorization vulnerability in jegtheme JNews jnews allows Exploiting Incorrectly Configured Access Control Security ... | Not Provided | 2025-05-19 | 2026-04-23 |
| CVE-2015-7343 json | JNews Joomla Component before 8.5.0 has XSS via the mailingsearch parameter. | 4.8 - MEDIUM | 2020-03-09 | 2020-03-10 |
| CVE-2015-7342 json | JNews Joomla Component before 8.5.0 allows SQL injection via upload thumbnail, Queue Search Field, Subscribers Search Field, ... | 7.2 - HIGH | 2020-03-09 | 2020-03-10 |
| CVE-2015-7341 json | JNews Joomla Component before 8.5.0 allows arbitrary File Upload via Subscribers or Templates, as demonstrated by the .php5 e... | 8.8 - HIGH | 2020-03-09 | 2020-03-10 |