Skip to main content

Wp Job Manager

1 CVEs product

Monthly

CVE-2026-39660 MEDIUM This Month

Missing authorization in Automattic WP Job Manager through version 2.4.1 allows unauthenticated remote attackers to modify plugin data through incorrectly configured access control, enabling unauthorized changes to job listings and related content without proper privilege validation. The vulnerability has a low real-world exploitation probability (EPSS 0.02%) despite the network-accessible attack vector, suggesting limited practical exploitability in typical WordPress deployments.

Authentication Bypass Wp Job Manager
NVD
CVSS 3.1
5.3
EPSS
0.0%
EPSS 0% CVSS 5.3
MEDIUM This Month

Missing authorization in Automattic WP Job Manager through version 2.4.1 allows unauthenticated remote attackers to modify plugin data through incorrectly configured access control, enabling unauthorized changes to job listings and related content without proper privilege validation. The vulnerability has a low real-world exploitation probability (EPSS 0.02%) despite the network-accessible attack vector, suggesting limited practical exploitability in typical WordPress deployments.

Authentication Bypass Wp Job Manager
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy