CVE-2026-24979
Reflected XSS in Jobica Core β€ 1.4.1 Enables Code Injection
Publication date: 2026-03-25
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nootheme | jobica_core | to 1.4.1 (inc) |
| nootheme | jobica_core | From 1.0.0 (inc) to 1.4.1 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Cross-site Scripting (XSS) issue found in NooTheme Jobica Core, specifically in versions up to and including 1.4.1. It occurs due to improper neutralization of input during web page generation, which allows an attacker to inject malicious scripts that are reflected back to users.
How can this vulnerability impact me? :
The vulnerability can allow attackers to execute malicious scripts in the context of the affected web application. This can lead to theft of user credentials, session hijacking, defacement of the website, or redirection to malicious sites, potentially compromising user data and trust.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
CVE-2026-24979 is a reflected Cross Site Scripting (XSS) vulnerability that allows attackers to inject malicious scripts into websites running the vulnerable Jobica Core Plugin. Such vulnerabilities can lead to unauthorized access, data manipulation, or exposure of sensitive information.
While the provided information does not explicitly mention compliance with standards like GDPR or HIPAA, vulnerabilities like reflected XSS can potentially impact compliance by exposing personal or sensitive data to attackers, violating data protection requirements.
Organizations using the affected plugin should promptly update to version 1.4.2 or later to mitigate risks and help maintain compliance with relevant security and privacy regulations.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
CVE-2026-24979 is a reflected Cross Site Scripting (XSS) vulnerability in the WordPress Jobica Core Plugin up to version 1.4.1. Detection typically involves identifying malicious script injections or unusual HTTP requests targeting the vulnerable plugin endpoints.
While no specific commands are provided in the resources, common detection methods include monitoring web server logs for suspicious query parameters or payloads, using web vulnerability scanners that test for reflected XSS, and inspecting HTTP requests for injected scripts.
- Use tools like OWASP ZAP or Burp Suite to scan the website for reflected XSS vulnerabilities.
- Check web server access logs for unusual URL parameters containing script tags or encoded payloads.
- Run curl commands to test for reflected XSS by injecting script payloads in URL parameters and observing the response.
What immediate steps should I take to mitigate this vulnerability?
The primary immediate mitigation step is to update the Jobica Core Plugin to version 1.4.2 or later, where the vulnerability is resolved.
Until the update can be applied, it is recommended to implement the mitigation rule provided by Patchstack to block attacks targeting this vulnerability.
Additionally, enabling automatic mitigation and auto-update features for vulnerable plugins can enhance protection against exploitation.