WP-Safety

Job Board by BestWebSoft Security & Risk Analysis

wordpress.org/plugins/job-board

Create your personal job board and listing WordPress website. Search jobs, submit CV/resumes, choose candidates.

80 active installs v1.2.2 PHP + WP 4.5+ Updated Nov 26, 2025
add-job-offerapply-for-a-jobjobjob-boardjob-board-plugin
96
A · Safe
CVEs total3
Unpatched0
Last CVENov 24, 2025
Plugin page Download
Safety Verdict

Is Job Board by BestWebSoft Safe to Use in 2026?

Generally Safe

Score 96/100

Job Board by BestWebSoft has a strong security track record. Known vulnerabilities have been patched promptly.

3 known CVEsLast CVE: Nov 24, 2025Updated 4mo ago
Risk Assessment

The 'job-board' plugin v1.2.2 presents a mixed security posture. On the positive side, it demonstrates good practices in several areas, including a high percentage of SQL queries using prepared statements and properly escaped output, along with a robust number of nonce and capability checks. The absence of any critical or high severity taint flows is also a positive indicator.

However, there are notable areas of concern. The presence of the `unserialize` function is a significant risk, as it can lead to arbitrary object injection vulnerabilities if not handled with extreme caution and sanitization. While the static analysis reports zero unprotected entry points, the taint analysis reveals two high-severity unsanitized paths, indicating potential vulnerabilities that could be exploited. The plugin's history of three medium-severity CVEs, all related to Cross-site Scripting (XSS), suggests a recurring pattern of input sanitization or output escaping issues, even if these are currently patched.

In conclusion, while the plugin incorporates several strong security measures, the presence of `unserialize` and the high-severity taint flows, coupled with past XSS vulnerabilities, necessitates caution. These factors, despite the overall good practices, represent potential weaknesses that could be exploited if not thoroughly addressed and monitored. The plugin's attack surface appears well-protected in terms of direct unauthorized access, but the depth of code presents other risks.

Key Concerns

  • Use of unserialize function
  • High severity taint flows detected
  • Total 3 medium CVEs (XSS)
  • Unsanitized paths in taint analysis
Vulnerabilities
3

Job Board by BestWebSoft Security Vulnerabilities

CVEs by Year

1 CVE in 2014
2014
1 CVE in 2017
2017
1 CVE in 2025
2025
Patched Has unpatched

Severity Breakdown

Medium
3

3 total CVEs

CVE-2025-13383medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Job Board by BestWebSoft <= 1.2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting via $_GET Array Storage

Nov 24, 2025 Patched in 1.2.2 (9d)
WF-38ff10d3-d9ce-440b-b956-002803d49f54-job-boardmedium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Job Board by BestWebSoft < 1.1.4 - Reflected Cross-Site Scripting

Apr 12, 2017 Patched in 1.1.4 (2477d)
CVE-2014-125100medium · 6.5Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Job Board by BestWebSoft <= 1.0.0 - Unauthenticated Stored Cross-Site Scripting

Aug 8, 2014 Patched in 1.0.1 (3455d)
Code Analysis
Analyzed Mar 16, 2026

Job Board by BestWebSoft Code Analysis

Dangerous Functions
1
Raw SQL Queries
2
15 prepared
Unescaped Output
32
585 escaped
Nonce Checks
23
Capability Checks
12
File Operations
2
External Requests
6
Bundled Libraries
0

Dangerous Functions Found

unserialize$jbbrd_candidate_saved_search = unserialize( $jbbrd_current_user_saved_search );job-board.php:1512

SQL Query Safety

88% prepared17 total queries

Output Escaping

95% escaped617 total outputs
Data Flows
4 unsanitized

Data Flow Analysis

11 flows4 with unsanitized paths
jbbrd_restrict_manage_posts (job-board.php:1019)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Job Board by BestWebSoft Attack Surface

Entry Points4
Unprotected0

AJAX Handlers 2

authwp_ajax_bws_submit_request_feature_actionbws_menu\class-bws-settings.php:1466
authwp_ajax_bws_submit_uninstall_reason_actionbws_menu\deactivation-form.php:433

Shortcodes 2

[jbbrd_vacancy] job-board.php:3191
[jbbrd_registration] job-board.php:3193
WordPress Hooks 52
filterload_textdomain_mofilebws_menu\bws_functions.php:43
filtermce_external_pluginsbws_menu\bws_functions.php:1294
filtermce_buttonsbws_menu\bws_functions.php:1295
actionadmin_initbws_menu\bws_functions.php:1581
actionadmin_enqueue_scriptsbws_menu\bws_functions.php:1582
actionadmin_headbws_menu\bws_functions.php:1583
actionadmin_footerbws_menu\bws_functions.php:1584
actionadmin_noticesbws_menu\bws_functions.php:1586
actionwp_enqueue_scriptsbws_menu\bws_functions.php:1588
actionload-post.phpjob-board.php:58
actionload-edit.phpjob-board.php:59
actionload-post-new.phpjob-board.php:60
actionload-edit-tags.phpjob-board.php:61
actiondelete_term_taxonomyjob-board.php:123
filtercron_schedulesjob-board.php:1637
filtercron_schedulesjob-board.php:1700
filterexcerpt_morejob-board.php:2547
actionadmin_menujob-board.php:3150
actioninitjob-board.php:3152
actionadmin_initjob-board.php:3154
actionplugins_loadedjob-board.php:3155
actionadmin_noticesjob-board.php:3157
actionadmin_enqueue_scriptsjob-board.php:3159
actionwp_enqueue_scriptsjob-board.php:3160
actionadmin_headjob-board.php:3162
filterpost_updated_messagesjob-board.php:3164
actionmanage_posts_custom_columnjob-board.php:3166
filtermanage_edit-vacancy_columnsjob-board.php:3167
filtermanage_edit-vacancy_sortable_columnsjob-board.php:3169
actionpre_get_postsjob-board.php:3171
filterpost_row_actionsjob-board.php:3173
actionadmin_bar_menujob-board.php:3175
actionadmin_bar_menujob-board.php:3177
actionrestrict_manage_postsjob-board.php:3179
filterset-screen-optionjob-board.php:3181
actionshow_user_profilejob-board.php:3183
actionedit_user_profilejob-board.php:3184
actionpersonal_options_updatejob-board.php:3186
actionedit_user_profile_updatejob-board.php:3187
actionuser_edit_form_tagjob-board.php:3189
filterwidget_textjob-board.php:3195
filterbws_shortcode_button_contentjob-board.php:3197
actionsave_postjob-board.php:3199
actionsave_postjob-board.php:3201
actiontrashed_post job-board.php:3202
actionpermalink_structure_changedjob-board.php:3204
actionload-options-reading.phpjob-board.php:3205
actionjbbrd_move_vacancies_to_archive_dayly_functionjob-board.php:3207
filterpost_type_linkjob-board.php:3209
filterplugin_action_linksjob-board.php:3211
filterplugin_row_metajob-board.php:3212
filterbody_classjob-board.php:3213

Scheduled Events 4

jbbrd_move_vacancies_to_archive_dayly_function
jbbrd_move_vacancies_to_archive_dayly_function
sndr_mail_hook
sndr_mail_hook
Maintenance & Trust

Job Board by BestWebSoft Maintenance & Trust

Maintenance Signals

WordPress version tested5.7.15
Last updatedNov 26, 2025
PHP min version
Downloads27K

Community Trust

Rating60/100
Number of ratings7
Active installs80
Alternatives

Job Board by BestWebSoft Alternatives

WP Job Manager

WP Job Manager

wp-job-manager

A
91

Create a careers page for your company website, or build a public job board for your community.

80K 7 CVEs
WP Job Openings – Job Listing, Career Page and Recruitment Plugin

WP Job Openings – Job Listing, Career Page and Recruitment Plugin

wp-job-openings

A
99

WP Job Openings plugin is the most simple yet powerful plugin for setting up a job listing page for your WordPress website.

40K 2 CVEs
HivePress – Business Directory & Classified Ads Plugin

HivePress – Business Directory & Classified Ads Plugin

hivepress

A
100

A simple yet powerful plugin to create a business directory, job board, real estate, classified ads, or basically any type of directory website.

10K No CVEs
Simple Job Board

Simple Job Board

simple-job-board

B
82

job board plugin for job listings, managing applicants, applications, categories, job types, taxonomies, career page, job openings, and recruiters

10K 13 CVEs
WP Job Portal – AI-Powered Recruitment System for Company or Job Board website

WP Job Portal – AI-Powered Recruitment System for Company or Job Board website

wp-job-portal

D
40

A smart, AI-powered job board plugin for WordPress. Build modern recruitment platforms with job listings, resume search, and intelligent matching.

8K 1 unpatched
Developer Profile

Job Board by BestWebSoft Developer Profile

bestweblayout

32 plugins · 17K total installs

78
trust score
Avg Security Score
98/100
Avg Patch Time
1944 days
View full developer profile
Detection Fingerprints

How We Detect Job Board by BestWebSoft

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/job-board/assets/css/bws-job-board.css/wp-content/plugins/job-board/assets/css/datepicker.css/wp-content/plugins/job-board/assets/css/jquery.timepicker.css/wp-content/plugins/job-board/assets/js/job-board.js/wp-content/plugins/job-board/assets/js/moment.min.js/wp-content/plugins/job-board/assets/js/underscore.min.js/wp-content/plugins/job-board/assets/js/backbone-min.js/wp-content/plugins/job-board/assets/js/job-board-admin.js+2 more
Version Parameters
job-board/assets/css/bws-job-board.css?ver=job-board/assets/css/datepicker.css?ver=job-board/assets/css/jquery.timepicker.css?ver=job-board/assets/js/job-board.js?ver=job-board/assets/js/moment.min.js?ver=job-board/assets/js/underscore.min.js?ver=job-board/assets/js/backbone-min.js?ver=job-board/assets/js/job-board-admin.js?ver=job-board/assets/js/job-board-frontend.js?ver=job-board/assets/js/tinymce/plugins/bws-tinymce-plugin/plugin.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
bws-job-board-frontend
HTML Comments
<!-- BWS Job Board Plugin by BestWebSoft -->
JS Globals
jbbrd_frontend_paramsjbbrd_admin_params
FAQ

Frequently Asked Questions about Job Board by BestWebSoft