CVE-2025-22209 Information

Description

A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands via the ‘searchpaymentstatus’ parameter in the Employer Payment History search feature.

Reference

https://joomsky.com/js-jobs-joomla/