CVE-2026-12395
WP Job Portal < 2.5.5 - Subscriber+ SQL Injection via Applied Resumes 'ta' Parameter
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
The WP Job Portal WordPress plugin before 2.5.5 does not properly sanitize and escape a parameter before using it in a SQL query, allowing authenticated users with a subscriber-level (self-registerable) account to perform SQL injection attacks.
| Vendor | unknown |
| Product | wp job portal |
| Published | Jul 16, 2026 |
Stay Ahead of the Next One
Get instant alerts for unknown wp job portal
Be the first to know when new unknown vulnerabilities affecting unknown wp job portal are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Unknown / WP Job Portal
0 < 2.5.5
References
Credits
Meher Sudhakar Abbireddi WPScan