WP-Safety

JobBoard Job listing plugin Security & Risk Analysis

wordpress.org/plugins/job-board-light

Manage Job listing from front-end & WP admin panel. JobBoard has Employer & Candidates directory & frontend Dashboard. Nice & clean full ajax design.

100 active installs v1.2.8 PHP 5.2.4+ WP 4.9+ Updated May 24, 2025
careerjob-boardjob-listingjob-managerjob-portal
34
D · High Risk
CVEs total4
Unpatched3
Last CVEJan 27, 2026
Plugin page Download
Safety Verdict

Is JobBoard Job listing plugin Safe to Use in 2026?

High Risk

Score 34/100

JobBoard Job listing plugin carries significant security risk with 4 known CVEs, 3 still unpatched. Consider switching to a maintained alternative.

4 known CVEs 3 unpatched Last CVE: Jan 27, 2026Updated 10mo ago
Risk Assessment

The "job-board-light" plugin v1.2.8 exhibits a mixed security posture. While it demonstrates good practices such as using prepared statements for all SQL queries and a high percentage of properly escaped output, several areas raise significant concerns. The presence of 15 AJAX handlers without proper authentication checks represents a substantial attack surface that could be exploited by unauthorized users. Furthermore, the taint analysis revealing one high-severity flow with unsanitized paths indicates a potential for command injection or other code execution vulnerabilities if an attacker can manipulate input that reaches this flow.

The vulnerability history for this plugin is particularly worrying. With 4 known CVEs, 3 of which are currently unpatched, including one critical vulnerability, the plugin has a track record of serious security flaws. The common vulnerability types like Exposure of Sensitive Information, Missing Authorization, Authorization Bypass, and Unrestricted File Upload suggest recurring patterns of fundamental security misconfigurations. The fact that the last vulnerability was so recent (2026-01-27) further amplifies the risk, indicating ongoing security issues.

In conclusion, despite some positive coding practices, the combination of a large unprotected attack surface, a high-severity taint flow, and a history of multiple unpatched critical and medium vulnerabilities makes this plugin a high-risk component. The plugin's past issues and current vulnerabilities point to a persistent need for robust security patching and development practices. Users should exercise extreme caution and consider alternatives until these issues are addressed.

Key Concerns

  • Unpatched Critical CVE
  • 3 Unpatched Medium CVEs
  • High Severity Taint Flow
  • 15 AJAX handlers without auth checks
  • 4 Flows with unsanitized paths
  • Bundled DataTables library
  • Bundled TCPDF library
Vulnerabilities
4

JobBoard Job listing plugin Security Vulnerabilities

CVEs by Year

3 CVEs in 2025 · unpatched
2025
1 CVE in 2026 · unpatched
2026
Patched Has unpatched

Severity Breakdown

Critical
1
Medium
3

4 total CVEs

CVE-2025-68855medium · 5.3Exposure of Sensitive Information to an Unauthorized Actor

JobBoard Job listing <= 1.2.8 - Unauthenticated Information Exposure

Jan 27, 2026Unpatched
CVE-2025-31834medium · 5.3Missing Authorization

JobBoard Job listing <= 1.2.7 - Missing Authorization

Apr 1, 2025Unpatched
CVE-2025-31833medium · 4.3Authorization Bypass Through User-Controlled Key

JobBoard Job listing <= 1.2.7 - Authenticated (Employer+) Insecure Direct Object Reference

Apr 1, 2025Unpatched
CVE-2024-43243critical · 9.8Unrestricted Upload of File with Dangerous Type

JobBoard Job listing <= 1.2.6 - Unauthenticated Arbitrary File Upload

Jan 3, 2025 Patched in 1.2.7 (6d)
Code Analysis
Analyzed Mar 16, 2026

JobBoard Job listing plugin Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
86 prepared
Unescaped Output
273
2002 escaped
Nonce Checks
56
Capability Checks
29
File Operations
6
External Requests
0
Bundled Libraries
2

Bundled Libraries

DataTablesTCPDF

SQL Query Safety

100% prepared86 total queries

Output Escaping

88% escaped2275 total outputs
Data Flows
4 unsanitized

Data Flow Analysis

24 flows4 with unsanitized paths
jobboard_update_map_marker (admin\admin.php:103)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
15 unprotected

JobBoard Job listing plugin Attack Surface

Entry Points94
Unprotected15

AJAX Handlers 75

authwp_ajax_jobboard_save_packageadmin\admin.php:17
authwp_ajax_jobboard_update_packageadmin\admin.php:18
authwp_ajax_jobboard_update_paypal_settingsadmin\admin.php:19
authwp_ajax_jobboard_update_stripe_settingsadmin\admin.php:20
authwp_ajax_jobboard_create_couponadmin\admin.php:21
authwp_ajax_jobboard_update_couponadmin\admin.php:22
authwp_ajax_jobboard_update_payment_settingadmin\admin.php:23
authwp_ajax_jobboard_update_page_settingadmin\admin.php:24
authwp_ajax_jobboard_update_email_settingadmin\admin.php:25
authwp_ajax_jobboard_update_mailchamp_settingadmin\admin.php:26
authwp_ajax_jobboard_add_home_pageadmin\admin.php:27
authwp_ajax_jobboard_update_package_statusadmin\admin.php:28
authwp_ajax_jobboard_gateway_settings_updateadmin\admin.php:29
authwp_ajax_jobboard_update_account_settingadmin\admin.php:30
authwp_ajax_jobboard_update_protected_settingadmin\admin.php:31
authwp_ajax_jobboard_update_map_markeradmin\admin.php:32
authwp_ajax_jobboard_update_cate_imageadmin\admin.php:33
authwp_ajax_jobboard_update_city_imageadmin\admin.php:34
authwp_ajax_jobboard_import_dataadmin\admin.php:35
authwp_ajax_jobboard_update_user_settingsadmin\admin.php:36
authwp_ajax_jobboard_update_profile_fieldsadmin\admin.php:37
authwp_ajax_jobboard_update_dir_fieldsadmin\admin.php:38
authwp_ajax_jobboard_update_profile_signup_fieldsadmin\admin.php:39
authwp_ajax_iv_update_dir_settingadmin\admin.php:40
authwp_ajax_jobboard_check_couponplugin.php:76
noprivwp_ajax_jobboard_check_couponplugin.php:77
authwp_ajax_jobboard_check_package_amountplugin.php:78
noprivwp_ajax_jobboard_check_package_amountplugin.php:79
authwp_ajax_jobboard_update_profile_picplugin.php:80
authwp_ajax_jobboard_update_profile_settingplugin.php:81
authwp_ajax_jobboard_update_wp_postplugin.php:82
authwp_ajax_jobboard_save_wp_postplugin.php:83
authwp_ajax_jobboard_update_setting_fbplugin.php:84
authwp_ajax_jobboard_update_setting_passwordplugin.php:86
authwp_ajax_jobboard_check_loginplugin.php:86
noprivwp_ajax_jobboard_check_loginplugin.php:87
authwp_ajax_jobboard_forget_passwordplugin.php:88
noprivwp_ajax_jobboard_forget_passwordplugin.php:89
authwp_ajax_jobboard_cancel_stripeplugin.php:90
authwp_ajax_jobboard_cancel_paypalplugin.php:91
authwp_ajax_jobboard_profile_stripe_upgradeplugin.php:92
authwp_ajax_jobboard_save_favoriteplugin.php:93
authwp_ajax_jobboard_save_un_favoriteplugin.php:94
authwp_ajax_jobboard_applied_deleteplugin.php:95
authwp_ajax_jobboard_save_notificationplugin.php:96
authwp_ajax_jobboard_delete_favoriteplugin.php:97
authwp_ajax_jobboard_candidate_deleteplugin.php:98
authwp_ajax_jobboard_candidate_rejectplugin.php:99
authwp_ajax_jobboard_candidate_shortlistedplugin.php:100
authwp_ajax_jobboard_candidate_scheduleplugin.php:101
authwp_ajax_jobboard_profile_bookmarkplugin.php:102
authwp_ajax_jobboard_profile_bookmark_deleteplugin.php:103
authwp_ajax_jobboard_employer_bookmarkplugin.php:104
authwp_ajax_jobboard_employer_bookmark_deleteplugin.php:105
authwp_ajax_jobboard_message_deleteplugin.php:106
authwp_ajax_jobboard_message_sendplugin.php:107
noprivwp_ajax_jobboard_message_sendplugin.php:108
authwp_ajax_jobboard_claim_sendplugin.php:109
noprivwp_ajax_jobboard_claim_sendplugin.php:110
authwp_ajax_jobboard_cron_jobplugin.php:111
noprivwp_ajax_jobboard_cron_jobplugin.php:112
authwp_ajax_jobboard_apply_submit_loginplugin.php:113
authwp_ajax_jobboard_apply_submit_nonloginplugin.php:114
noprivwp_ajax_jobboard_apply_submit_nonloginplugin.php:115
authwp_ajax_jobboard_candidate_meeting_popupplugin.php:116
authwp_ajax_jobboard_candidate_email_popupplugin.php:117
noprivwp_ajax_jobboard_candidate_email_popupplugin.php:118
authwp_ajax_jobboard_apply_popupplugin.php:119
noprivwp_ajax_jobboard_apply_popupplugin.php:120
authwp_ajax_finalerp_csv_product_uploadplugin.php:121
authwp_ajax_save_csv_file_to_databaseplugin.php:122
authwp_ajax_eppro_get_import_statusplugin.php:123
authwp_ajax_jobboard_contact_popupplugin.php:124
authwp_ajax_jobboard_listing_contact_popupplugin.php:125
noprivwp_ajax_jobboard_listing_contact_popupplugin.php:126

Shortcodes 19

[jobboard_price_table] plugin.php:133
[jobboard_form_wizard] plugin.php:134
[jobboard_profile_template] plugin.php:135
[jobboard_candidate_profile_public] plugin.php:136
[jobboard_employer_profile_public] plugin.php:137
[jobboard_login] plugin.php:138
[jobs_employer_directory] plugin.php:139
[jobs_candidate_directory] plugin.php:140
[jobboard_categories] plugin.php:141
[jobboard_featured] plugin.php:142
[jobboard_map] plugin.php:143
[jobboard_all_jobs] plugin.php:144
[jobboard_all_jobs_grid] plugin.php:145
[jobboard_all_jobs_grid_popup] plugin.php:146
[slider_search] plugin.php:147
[listing_filter] plugin.php:148
[listing_carousel] plugin.php:149
[jobboard_cities] plugin.php:150
[jobboard_reminder_email_cron] plugin.php:151
WordPress Hooks 31
actionadmin_menuadmin\admin.php:14
actionadmin_print_scriptsadmin\admin.php:15
actionadmin_print_stylesadmin\admin.php:16
actioninitadmin\admin.php:41
filtermanage_edit-iv_payment_columnsadmin\admin.php:42
actionmanage_iv_payment_posts_custom_columnadmin\admin.php:43
actionadmin_initadmin\admin.php:44
actionadmin_noticesadmin\notifications.php:108
actionmanage_job_apply_posts_custom_columnadmin\pages\manage-cpt-columns.php:27
filtermanage_edit-job_apply_columnsadmin\pages\manage-cpt-columns.php:28
actionmanage_jobboard_message_posts_custom_columnadmin\pages\manage-cpt-columns.php:68
filtermanage_edit-jobboard_message_columnsadmin\pages\manage-cpt-columns.php:69
actionwidgets_initplugin.php:68
actioninitplugin.php:72
actionplugins_loadedplugin.php:127
actionadd_meta_boxesplugin.php:128
actionsave_postplugin.php:129
actionwp_loginplugin.php:130
actionpre_get_postsplugin.php:131
filtertemplate_includeplugin.php:153
filterrequestplugin.php:154
actioninitplugin.php:157
actioninitplugin.php:158
actioninitplugin.php:159
actioninitplugin.php:160
actioninitplugin.php:161
actioninitplugin.php:162
actioninitplugin.php:163
filterviews_edit-postplugin.php:1557
filterviews_uploadplugin.php:1558
actionadmin_noticesplugin.php:1835
Maintenance & Trust

JobBoard Job listing plugin Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedMay 24, 2025
PHP min version5.2.4
Downloads8K

Community Trust

Rating100/100
Number of ratings8
Active installs100
Alternatives

JobBoard Job listing plugin Alternatives

easy.jobs – AI powered Job Listing, Job Board, Career Page, Recruitment & Hiring Solution

easy.jobs – AI powered Job Listing, Job Board, Career Page, Recruitment & Hiring Solution

easyjobs

A
98

Easy solution for job recruitment to attract, manage & hire the right talent faster. Create and manage job listings, career pages, and recruitment &hellip;

5K 3 CVEs
Simple Job Board

Simple Job Board

simple-job-board

B
82

job board plugin for job listings, managing applicants, applications, categories, job types, taxonomies, career page, job openings, and recruiters

10K 13 CVEs
WP Job Portal – AI-Powered Recruitment System for Company or Job Board website

WP Job Portal – AI-Powered Recruitment System for Company or Job Board website

wp-job-portal

D
40

A smart, AI-powered job board plugin for WordPress. Build modern recruitment platforms with job listings, resume search, and intelligent matching.

8K 1 unpatched
JobBoardWP – Job Board Listings and Submissions

JobBoardWP – Job Board Listings and Submissions

jobboardwp

A
94

Add a modern job board to your website. Display job listings and allow employers to submit and manage jobs all from the front-end.

1K 5 CVEs
JobWP – Job Board, Job Listing, Career Page and Recruitment Plugin

JobWP – Job Board, Job Listing, Career Page and Recruitment Plugin

jobwp

B
83

Create a modern job board and career page on WordPress. Accept job listings, manage applications, and grow a recruitment platform.

1K 7 CVEs
Developer Profile

JobBoard Job listing plugin Developer Profile

themeglow

3 plugins · 150 total installs

70
trust score
Avg Security Score
74/100
Avg Patch Time
31 days
View full developer profile
Detection Fingerprints

How We Detect JobBoard Job listing plugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/job-board-light/assets/css/frontend.css/wp-content/plugins/job-board-light/assets/css/frontend-layout-2.css/wp-content/plugins/job-board-light/assets/css/frontend-layout-3.css/wp-content/plugins/job-board-light/assets/css/responsive.css/wp-content/plugins/job-board-light/assets/css/frontend.css/wp-content/plugins/job-board-light/assets/css/frontend-layout-2.css/wp-content/plugins/job-board-light/assets/css/frontend-layout-3.css/wp-content/plugins/job-board-light/assets/css/responsive.css+12 more
Script Paths
/wp-content/plugins/job-board-light/assets/js/jquery.validate.min.js/wp-content/plugins/job-board-light/assets/js/frontend.js/wp-content/plugins/job-board-light/assets/js/jquery.form.js/wp-content/plugins/job-board-light/assets/js/frontend.js/wp-content/plugins/job-board-light/assets/js/jobboard-frontend.js/wp-content/plugins/job-board-light/assets/js/jquery.form.js+2 more

HTML / DOM Fingerprints

CSS Classes
jobboard_searchjobboard_search_formjobboard_price_tablejobboard_price_table_bodyjobboard_price_table_headerjobboard_form_wizardjobboard_profile_templatejobboard_candidate_profile_public+3 more
Data Attributes
data-jobboard-action
JS Globals
jobboard_ajax_object
REST Endpoints
/wp-json/jobboard/v1/jobs/wp-json/jobboard/v1/employers/wp-json/jobboard/v1/candidates
Shortcode Output
[jobboard_price_table][jobboard_form_wizard][jobboard_profile_template][jobboard_candidate_profile_public]
FAQ

Frequently Asked Questions about JobBoard Job listing plugin