Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
WP Job Manager Access Control Security Levels Incorrectly Configured
CVE-2026-39660
Summary
WP Job Manager, a popular job posting plugin for WordPress, has a security issue that allows unauthorized access to certain features. This means that someone with the wrong level of access might be able to do things they shouldn't be able to do. To fix this, update WP Job Manager to the latest version, which should be version 2.4.2 or later.
Original title
Missing Authorization vulnerability in Automattic WP Job Manager wp-job-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Manager: from n/a t...
Original description
Missing Authorization vulnerability in Automattic WP Job Manager wp-job-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Manager: from n/a through <= 2.4.1.
Vulnerability type
CWE-862
Missing Authorization
Published: 8 Apr 2026 · Updated: 9 Apr 2026 · First seen: 8 Apr 2026