WP-Safety

Job Manager & Career – Manage job board listings, and recruitments Security & Risk Analysis

wordpress.org/plugins/job-manager-career

An ideal WordPress Job Manager plugin for recruiters to manage job board listings, career pages, and recruitments.

2K active installs v1.4.10 PHP 5.6+ WP 4.7+ Updated Nov 12, 2025
job-listingjob-managerwordpress-job-managerwp-job-boardwp-job-manager
99
A · Safe
CVEs total2
Unpatched0
Last CVEDec 27, 2023
Plugin page Download
Safety Verdict

Is Job Manager & Career – Manage job board listings, and recruitments Safe to Use in 2026?

Generally Safe

Score 99/100

Job Manager & Career – Manage job board listings, and recruitments has a strong security track record. Known vulnerabilities have been patched promptly.

2 known CVEsLast CVE: Dec 27, 2023Updated 4mo ago
Risk Assessment

The "job-manager-career" plugin v1.4.10 exhibits a mixed security posture, with some strong points and notable areas of concern. On the positive side, the plugin demonstrates good practices by utilizing prepared statements for all SQL queries and implementing a significant number of nonce checks. The attack surface is minimal, with only one AJAX handler, and importantly, it appears to be protected by authentication checks. The majority of output escaping is also handled correctly, reducing the risk of cross-site scripting vulnerabilities.

However, the presence of the `unserialize` function is a significant red flag, as it can be a vector for remote code execution if not handled with extreme caution and validation. While the static analysis did not flag any critical taint flows, there is one high-severity flow identified, which warrants investigation. The vulnerability history reveals two past CVEs, one high and one low severity, related to Cross-Site Request Forgery and Exposure of Sensitive Information. The fact that there are no currently unpatched vulnerabilities is encouraging, but the historical pattern of these types of vulnerabilities suggests a need for continuous vigilance and robust input sanitization.

Overall, while the plugin has implemented some fundamental security measures effectively, the identified `unserialize` function and the past vulnerability history indicate potential weaknesses. The plugin is not inherently insecure, but diligent review of the high-severity taint flow and careful handling of serialized data are crucial. The absence of capability checks on the identified entry point could also be a potential area for improvement depending on the context of its usage.

Key Concerns

  • High severity taint flow found
  • Dangerous function unserialize used
  • Past high severity CVE
  • Past low severity CVE
  • No capability checks on entry points
Vulnerabilities
2

Job Manager & Career – Manage job board listings, and recruitments Security Vulnerabilities

CVEs by Year

2 CVEs in 2023
2023
Patched Has unpatched

Severity Breakdown

High
1
Low
1

2 total CVEs

CVE-2023-51545high · 8.8Cross-Site Request Forgery (CSRF)

Job Manager & Career – Manage job board listings, and recruitments <= 1.4.4 - Cross-Site Request Forgery to PHP Object Injection

Dec 27, 2023 Patched in 1.4.5 (27d)
CVE-2023-5906low · 3.7Exposure of Sensitive Information to an Unauthorized Actor

Job Manager & Career <= 1.4.3 - Sensitive Information Exposure

Nov 6, 2023 Patched in 1.4.4 (78d)
Code Analysis
Analyzed Mar 16, 2026

Job Manager & Career – Manage job board listings, and recruitments Code Analysis

Dangerous Functions
1
Raw SQL Queries
0
0 prepared
Unescaped Output
109
421 escaped
Nonce Checks
10
Capability Checks
0
File Operations
5
External Requests
1
Bundled Libraries
0

Dangerous Functions Found

unserialize$settings = unserialize($base64_decoded, ['allowed_classes' => false]);classes\class-thjmf-settings-general.php:583

Output Escaping

79% escaped530 total outputs
Data Flows
7 unsanitized

Data Flow Analysis

14 flows7 with unsanitized paths
shortcode_thjmf_job_listing (classes\class-thjmf-public-jobs.php:33)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Job Manager & Career – Manage job board listings, and recruitments Attack Surface

Entry Points1
Unprotected0

AJAX Handlers 1

authwp_ajax_thjmf_deactivation_reasonclasses\class-thjmf.php:35
WordPress Hooks 80
filterbody_classclasses\class-thjmf-hooks.php:13
filtersingle_templateclasses\class-thjmf-hooks.php:18
filtertemplate_includeclasses\class-thjmf-hooks.php:19
actionthjm_before_main_contentclasses\class-thjmf-hooks.php:20
actionthjm_after_main_contentclasses\class-thjmf-hooks.php:21
actionthjm_single_job_headerclasses\class-thjmf-hooks.php:22
actionthjm_single_job_headerclasses\class-thjmf-hooks.php:23
actionthjm_single_job_headerclasses\class-thjmf-hooks.php:24
actionthjm_single_job_contentclasses\class-thjmf-hooks.php:25
actionthjm_after_single_job_contentclasses\class-thjmf-hooks.php:27
actionthjm_after_single_job_contentclasses\class-thjmf-hooks.php:28
actionthjm_after_single_job_contentclasses\class-thjmf-hooks.php:29
actionthjm_before_job_loop_itemclasses\class-thjmf-hooks.php:30
actionthjm_job_loop_item_titleclasses\class-thjmf-hooks.php:31
actionthjm_after_job_loop_item_titleclasses\class-thjmf-hooks.php:32
actionthjm_after_job_loop_item_titleclasses\class-thjmf-hooks.php:33
actionthjm_after_job_loop_item_titleclasses\class-thjmf-hooks.php:34
actionthjm_after_job_loop_itemclasses\class-thjmf-hooks.php:35
actionthjm_after_single_job_contentclasses\class-thjmf-hooks.php:39
actionadd_meta_boxes_thjm_jobsclasses\class-thjmf-posts.php:39
actionadd_meta_boxes_thjm_applicantsclasses\class-thjmf-posts.php:40
actionsave_post_thjm_jobsclasses\class-thjmf-posts.php:41
actionsave_post_thjm_applicantsclasses\class-thjmf-posts.php:42
filtermanage_thjm_jobs_posts_columnsclasses\class-thjmf-posts.php:43
filtermanage_thjm_applicants_posts_columnsclasses\class-thjmf-posts.php:44
actionmanage_thjm_jobs_posts_custom_columnclasses\class-thjmf-posts.php:45
actionmanage_thjm_applicants_posts_custom_columnclasses\class-thjmf-posts.php:46
actionpost_submitbox_minor_actionsclasses\class-thjmf-posts.php:47
filterparse_queryclasses\class-thjmf-posts.php:48
actionrestrict_manage_postsclasses\class-thjmf-posts.php:49
actionadmin_head-post-new.phpclasses\class-thjmf-posts.php:50
actionadmin_head-post.phpclasses\class-thjmf-posts.php:51
actionadmin_head-edit.phpclasses\class-thjmf-posts.php:52
filterthjmf_change_job_column_date_formatclasses\class-thjmf-posts.php:53
filterget_user_option_screen_layout_thjm_jobsclasses\class-thjmf-posts.php:55
filterenter_title_hereclasses\class-thjmf-posts.php:56
filterdefault_contentclasses\class-thjmf-posts.php:57
actionwpclasses\class-thjmf-public-jobs.php:28
actionwpclasses\class-thjmf-public-jobs.php:29
filterthjmf_job_listing_body_classclasses\class-thjmf-public-jobs.php:30
actionthjm_after_single_job_contentclasses\class-thjmf-public-jobs.php:315
actioninitclasses\class-thjmf-public-shortcodes.php:24
actionwpclasses\class-thjmf-public-shortcodes.php:25
actionwpclasses\class-thjmf-public-shortcodes.php:26
filterexcerpt_moreclasses\class-thjmf-public-shortcodes.php:48
filterthe_contentclasses\class-thjmf-public-shortcodes.php:49
actionwpclasses\class-thjmf-public.php:25
filterexcerpt_moreclasses\class-thjmf-public.php:26
filterupload_dirclasses\class-thjmf-public.php:77
filterwp_mail_fromclasses\class-thjmf-public.php:203
filterwp_mail_from_nameclasses\class-thjmf-public.php:204
actionadmin_footerclasses\class-thjmf-settings.php:20
actionthjm_before_main_contentclasses\class-thjmf-theme-support.php:62
actionthjm_after_main_contentclasses\class-thjmf-theme-support.php:63
actionthjm_before_main_contentclasses\class-thjmf-theme-support.php:68
actionthjm_after_main_contentclasses\class-thjmf-theme-support.php:69
actionthjm_before_main_contentclasses\class-thjmf-theme-support.php:74
actionthjm_after_main_contentclasses\class-thjmf-theme-support.php:75
actionthjm_before_main_contentclasses\class-thjmf-theme-support.php:80
actionthjm_after_main_contentclasses\class-thjmf-theme-support.php:81
actionthjm_before_main_contentclasses\class-thjmf-theme-support.php:86
actionthjm_after_main_contentclasses\class-thjmf-theme-support.php:87
actionthjm_before_main_contentclasses\class-thjmf-theme-support.php:92
actionthjm_after_main_contentclasses\class-thjmf-theme-support.php:93
actionthjm_before_main_contentclasses\class-thjmf-theme-support.php:98
actionthjm_after_main_contentclasses\class-thjmf-theme-support.php:99
actionthjm_before_main_contentclasses\class-thjmf-theme-support.php:104
actionthjm_after_main_contentclasses\class-thjmf-theme-support.php:105
actionthjm_before_main_contentclasses\class-thjmf-theme-support.php:110
actionthjm_after_main_contentclasses\class-thjmf-theme-support.php:111
actionafter_setup_themeclasses\class-thjmf.php:33
actionadmin_footer-plugins.phpclasses\class-thjmf.php:34
actionadmin_print_stylesclasses\class-thjmf.php:36
actioninitclasses\class-thjmf.php:76
actioninitclasses\class-thjmf.php:87
actionplugins_loadedclasses\class-thjmf.php:192
actionadmin_enqueue_scriptsclasses\class-thjmf.php:193
actionadmin_menuclasses\class-thjmf.php:194
actionwp_enqueue_scriptsclasses\class-thjmf.php:207
actionadmin_print_stylesclasses\class-thjmf.php:229
Maintenance & Trust

Job Manager & Career – Manage job board listings, and recruitments Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedNov 12, 2025
PHP min version5.6
Downloads59K

Community Trust

Rating94/100
Number of ratings7
Active installs2K
Alternatives

Job Manager & Career – Manage job board listings, and recruitments Alternatives

Contact Listing for WP Job Manager

Contact Listing for WP Job Manager

wp-job-manager-contact-listing

A
85

Allow sites using the WP Job Manager plugin to contact listings via their favorite form builder plugin.

6K No CVEs
WP All Import – Job Listing Import for WP Job Manager

WP All Import – Job Listing Import for WP Job Manager

wp-job-manager-xml-csv-listings-import

A
100

Drag & drop to import job listings from any CSV, XML, Excel, or Google Sheets file of any size or format. Supports company info, locations, applic &hellip;

2K No CVEs
WP All Import – Job Listing Import for Jobify

WP All Import – Job Listing Import for Jobify

jobify-xml-csv-listings-import

A
100

Drag & drop to import job listings from any CSV, XML, Excel, or Google Sheets file of any size or format. Supports company info, locations, catego &hellip;

100 No CVEs
WP All Import – WP Job Manager Field Editor Add-On

WP All Import – WP Job Manager Field Editor Add-On

smyles-wp-job-manager-field-editor-import

A
85

Support for custom fields created with WP Job Manager Field Editor when importing Jobs or Resumes using WP All Import

100 No CVEs
Simple Job Board

Simple Job Board

simple-job-board

B
82

job board plugin for job listings, managing applicants, applications, categories, job types, taxonomies, career page, job openings, and recruiters

10K 13 CVEs
Developer Profile

Job Manager & Career – Manage job board listings, and recruitments Developer Profile

ThemeHigh

16 plugins · 579K total installs

77
trust score
Avg Security Score
97/100
Avg Patch Time
245 days
View full developer profile
Detection Fingerprints

How We Detect Job Manager & Career – Manage job board listings, and recruitments

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/job-manager-career/assets/css/thjmf-public.css
Script Paths
/wp-content/plugins/job-manager-career/assets/js/thjmf-public.js
Version Parameters
job-manager-career/assets/css/thjmf-public.css?ver=job-manager-career/assets/js/thjmf-public.js?ver=

HTML / DOM Fingerprints

CSS Classes
thjmf_job_listing_classthjmf_get_job_listing_classthjmf_posted_date_format
HTML Comments
<!-- ... -->
Data Attributes
thjmf_job_filter_formthjmf_job_pagedthjmf_filter_jobsthjmf_filter_jobs_noncethjmf_load_more_jobsthjmf_load_more_jobs_nonce+3 more
JS Globals
thjmf_public_var
Shortcode Output
<div class="<form id="thjmf_job_filter_form" name="thjmf_job_filter_form" method="POST"><input type="hidden" name="thjmf_job_paged" value="
FAQ

Frequently Asked Questions about Job Manager & Career – Manage job board listings, and recruitments