WP-Safety

Job App Manager Security & Risk Analysis

wordpress.org/plugins/job-app-manager

Job App Manager is a simple wordpress plugin. The plugin provides a shortcode for displaying a job application form where people can apply with their …

10 active installs v1.0.2 PHP 7.2+ WP 5.2+ Updated Feb 23, 2022
job-applicationjob-app-managerjob-app-pluginjob-application-formonline-job-application
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Job App Manager Safe to Use in 2026?

Generally Safe

Score 85/100

Job App Manager has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago
Risk Assessment

The "job-app-manager" v1.0.2 plugin exhibits a generally good security posture based on the provided static analysis. It has a small attack surface with no identified unprotected entry points, and it avoids the use of dangerous functions and external HTTP requests. The absence of known vulnerabilities in its history is also a strong positive indicator, suggesting a commitment to security or a lack of historical exploitation.

However, there are notable concerns. All SQL queries are executed without prepared statements, which is a significant risk for SQL injection vulnerabilities, especially if the plugin handles user-supplied input in its database operations. While the total output escaping is relatively high, a significant portion (26%) remains unescaped, posing a risk of Cross-Site Scripting (XSS) vulnerabilities if user input is reflected directly in the output.

In conclusion, while the plugin has a clean vulnerability history and a limited attack surface, the lack of prepared statements for SQL queries and the presence of unescaped output are critical weaknesses that require immediate attention. The plugin benefits from a good track record and a small attack surface, but these strengths are overshadowed by the potential for severe data compromise and code execution via database manipulation and XSS.

Key Concerns

  • All SQL queries lack prepared statements
  • Significant portion of output not properly escaped
Vulnerabilities
None known

Job App Manager Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Job App Manager Code Analysis

Dangerous Functions
0
Raw SQL Queries
3
0 prepared
Unescaped Output
5
14 escaped
Nonce Checks
2
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

SQL Query Safety

0% prepared3 total queries

Output Escaping

74% escaped19 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
jam_all_submissions_page_callback (includes\admin\admin-menu-page.php:32)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Job App Manager Attack Surface

Entry Points3
Unprotected0

AJAX Handlers 2

authwp_ajax_jam_datasincludes\form-handling.php:3
noprivwp_ajax_jam_datasincludes\form-handling.php:4

Shortcodes 1

[applicant_form] includes\shortcode.php:7
WordPress Hooks 6
actionadmin_menuincludes\admin\admin-menu-page.php:4
actionwp_dashboard_setupincludes\admin\dashboard-widget.php:14
actioninitincludes\shortcode.php:4
actionplugins_loadedjob-app-manager.php:34
actionwp_enqueue_scriptsjob-app-manager.php:37
actionadmin_enqueue_scriptsjob-app-manager.php:59
Maintenance & Trust

Job App Manager Maintenance & Trust

Maintenance Signals

WordPress version tested5.9.13
Last updatedFeb 23, 2022
PHP min version7.2
Downloads4K

Community Trust

Rating100/100
Number of ratings1
Active installs10
Alternatives

Job App Manager Alternatives

Resume Collector

Resume Collector

resume-collector

A
100

Collect resumes from visitors using a simple shortcode form and manage submissions in the WordPress dashboard.

10 No CVEs
Inesta Gravity Forms Recruitee Integration

Inesta Gravity Forms Recruitee Integration

inesta-integration-gravity-forms-recruitee

A
100

Integrates Gravity Forms with Recruitee ATS to send job applications directly to your Recruitee account.

0 No CVEs
rz Job Application form

rz Job Application form

rz-job-application-form

A
85

rz Job Application form

0 No CVEs
Developer Profile

Job App Manager Developer Profile

Hasan Fardous

3 plugins · 10 total installs

87
trust score
Avg Security Score
90/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Job App Manager

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/job-app-manager/assets/css/styles.css/wp-content/plugins/job-app-manager/assets/js/applicants-data.js/wp-content/plugins/job-app-manager/includes/admin/assets/css/styles.css
Script Paths
assets/js/applicants-data.js
Version Parameters
job-app-manager/assets/js/applicants-data.js?ver=1.0

HTML / DOM Fingerprints

CSS Classes
applicant-form-wrapperjam-confirmation-messagejam-applicant-formsingle-entrypresentAddresspostNameyourCvsubmitBtn
Data Attributes
data-applicant_form_nonce
JS Globals
jam_datas
Shortcode Output
<div class="applicant-form-wrapper"><div class="jam-confirmation-message"></div><form method="post" class="jam-applicant-form" enctype="multipart/form-data"><div class="single-entry">
FAQ

Frequently Asked Questions about Job App Manager