Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WP Job Portal – AI-Powered Recruitment System for Company or Job Board website — Vulnerabilities & Security Advisories 19

All 19 CVE vulnerabilities found in WP Job Portal – AI-Powered Recruitment System for Company or Job Board website, with AI-generated Chinese analysis, references, and POCs.

Vendor: wpjobportal

CVE IDTitleCVSSSeverityPublished
CVE-2026-4758 WP Job Portal <= 2.4.9 - Authenticated (Subscriber+) Arbitrary File Deletion via Resume Custom File Field CWE-22 8.8 High2026-03-25
CVE-2026-4306 WP Job Portal <= 2.4.8 - Unauthenticated SQL Injection via 'radius' Parameter CWE-89 7.5 High2026-03-23
CVE-2025-14467 WP Job Portal <= 2.4.4 - Authenticated (Editor+) Stored Cross-Site Scripting via Job Description Field CWE-79 4.4 Medium2025-12-12
CVE-2025-14293 WP Job Portal <= 2.4.0 - Authenticated (Subscriber+) Arbitrary File Read CWE-22 6.5 Medium2025-12-11
CVE-2024-13873 WP Job Portal <= 2.2.8 - Insecure Direct Object Reference to Authenticated (Subscriber+) User Photo Disconnection CWE-639 4.3 Medium2025-02-22
CVE-2024-13371 WP Job Portal <= 2.2.6 - Missing Authorization to Unauthenticated Arbitrary Email Sending CWE-862 5.3 Medium2025-02-01
CVE-2024-13372 WP Job Portal <= 2.2.6 - Insecure Direct Object Reference to Unauthenticated Arbitrary Resume Download CWE-639 5.3 Medium2025-02-01
CVE-2024-13425 WP Job Portal <= 2.2.6 - Insecure Direct Object Reference to Authenticated (Employer+) Arbitrary Company Deletion CWE-639 4.3 Medium2025-02-01
CVE-2024-13428 WP Job Portal <= 2.2.6 - Insecure Direct Object Reference to Unauthenticated Company Logo Deletion CWE-639 5.3 Medium2025-02-01
CVE-2024-13429 WP Job Portal <= 2.2.6 - Insecure Direct Object Reference to Authenticated (Employer+) Arbitrary Job Deletion CWE-639 4.3 Medium2025-02-01
CVE-2024-12131 WP Job Portal – A Complete Recruitment System for Company or Job Board website <= 2.2.5- Authenticated (Subscriber+) Insecure Direct Object Reference CWE-639 4.3 Medium2025-01-07
CVE-2024-12132 WP Job Portal – A Complete Recruitment System for Company or Job Board website <= 2.2.4 - Authenticated (Subscriber+) Insecure Direct Object Reference CWE-639 4.3 Medium2025-01-03
CVE-2024-11712 WP Job Portal <= 2.2.2 - Missing Authorization to Unauthenticated Arbitrary Resume Download CWE-359 5.3 Medium2024-12-14
CVE-2024-11711 WP Job Portal <= 2.2.1 - Unauthenticated SQL Injection CWE-89 7.5 High2024-12-14
CVE-2024-11714 WP Job Portal <= 2.2.2 - Authenticated (Admin+) SQL Injection via getFieldsForVisibleCombobox() CWE-89 4.9 Medium2024-12-14
CVE-2024-11710 WP Job Portal <= 2.2.2 - Authenticated (Admin+) SQL Injection CWE-89 4.9 Medium2024-12-14
CVE-2024-11715 WP Job Portal <= 2.2.2 - Missing Authorization to Limited Privilege Escalation CWE-862 4.8 Medium2024-12-14
CVE-2024-11713 WP Job Portal <= 2.2.2 - Authenticated (Admin+) SQL Injection via wpjobportal_deactivate() CWE-89 4.9 Medium2024-12-14
CVE-2024-7950 WP Job Portal <= 2.1.6 - Missing Authorization to Unauthenticated Local File Inclusion, Arbitrary Settings Update, and User Creation CWE-22 9.8 Critical2024-09-04

All 19 known CVE vulnerabilities affecting WP Job Portal – AI-Powered Recruitment System for Company or Job Board website with full Chinese analysis, references, and POCs where available.