CVE-2025-57887 — Cross-site Scripting in Jobmonster

CWE-79 — Cross-site Scripting3 documents3 sources

Severity

—N/A

No vector

EPSS

0.0%

top 90.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nootheme Jobmonster

Timeline

PublishedAug 22

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme Jobmonster noo-jobmonster allows Stored XSS.This issue affects Jobmonster: from n/a through <= 4.8.0.

Affected Packages1 packages

▶CVEListV5nootheme/jobmonster4.8.0

🔴Vulnerability Details

CVEList

WordPress Jobmonster Theme <= 4.8.0 - Cross Site Scripting (XSS) Vulnerability↗2025-08-22

▶

GHSA

GHSA-hwvg-hrfc-mrx5: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme Jobmonster allows Stored XSS↗2025-08-22

▶