Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
WP Job Manager: Insecure Access Control Risks Unauthorized Actions
CVE-2026-25404
Summary
WP Job Manager, a popular plugin for WordPress job postings, has a security flaw that allows unauthorized users to perform actions they shouldn't be able to. This means that if your site is using an outdated version of the plugin, attackers could potentially gain access to sensitive features. To fix this, update WP Job Manager to the latest version or patch level.
Original title
Missing Authorization vulnerability in Automattic WP Job Manager wp-job-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Manager: from n/a t...
Original description
Missing Authorization vulnerability in Automattic WP Job Manager wp-job-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Manager: from n/a through <= 2.4.0.
nvd CVSS3.1
5.3
Vulnerability type
CWE-862
Missing Authorization
Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026