๐Ÿ” CVE Alert

CVE-2026-12396

MEDIUM 5.4

WP Job Portal < 2.5.5 - Subscriber+ Arbitrary Job Approval, Featuring and Rejection

CVSS Score
5.4
EPSS Score
0.1%
EPSS Percentile
3th

The WP Job Portal WordPress plugin before 2.5.5 does not perform capability or ownership checks before allowing job moderation actions, allowing authenticated users with a subscriber-level (self-registerable) account to approve, feature, or reject arbitrary jobs, including those owned by other users.

Vendor unknown
Product wp job portal
Published Jul 13, 2026
Last Updated Jul 13, 2026
Stay Ahead of the Next One

Get instant alerts for unknown wp job portal

Be the first to know when new medium vulnerabilities affecting unknown wp job portal are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Unknown / WP Job Portal
0 < 2.5.5

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
wpscan.com: https://wpscan.com/vulnerability/13d574ea-84fe-421b-b1e4-23f94e2000d7/

Credits

Meher Sudhakar Abbireddi WPScan