Does JobLister have any unpatched vulnerabilities?

No. All known vulnerabilities in JobLister have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is JobLister compatible with WordPress 6.5.8?

According to WordPress.org data, JobLister 1.3.0 has been tested up to WordPress 6.5.8. Check the plugin's changelog for the latest compatibility information.

Is JobLister compatible with PHP 7.2+?

JobLister requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is JobLister updated?

JobLister was last updated on Jul 3, 2024. Frequent updates are generally a positive security signal.

What is JobLister's security score?

JobLister has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

JobLister Security & Risk Analysis

wordpress.org/plugins/joblister

JobLister is a free and open-source WordPress plugin that allows you to set up a job listing page on your WordPress website.

0 active installs v1.3.0 PHP 7.2+ WP 5.6+ Updated Jul 3, 2024

careers-pagejob-boardjob-listingjob-listsjobs

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is JobLister Safe to Use in 2026?

Generally Safe

Score 92/100

JobLister has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "joblister" plugin v1.3.0 exhibits a generally strong security posture based on the provided static analysis. The complete absence of dangerous functions, raw SQL queries, and unescaped output are significant strengths. Furthermore, the lack of recorded vulnerabilities in its history is a positive indicator of past secure development practices. However, a significant concern arises from the large number of unprotected REST API routes. With 6 out of 6 REST API routes lacking permission callbacks, these endpoints present a substantial attack surface that could be exploited by unauthenticated users to manipulate plugin functionality or data. The presence of external HTTP requests, while only one, also warrants careful scrutiny to ensure it is implemented securely and does not introduce any vulnerabilities.

Key Concerns

REST API routes without permission callbacks
External HTTP requests

Vulnerabilities

None known

JobLister Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

JobLister Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

52 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped52 total outputs

Attack Surface

6 unprotected

JobLister Attack Surface

Entry Points7

Unprotected6

REST API Routes 6

GET/wp-json/jbls/v1/jbls-jobsincludes\class-jbls-rest.php:16

GET/wp-json/jbls/v1/jbls-locationsincludes\class-jbls-rest.php:21

GET/wp-json/jbls/v1/jbls-categoriesincludes\class-jbls-rest.php:26

GET/wp-json/jbls/v1/jbls-typesincludes\class-jbls-rest.php:31

GET/wp-json/jbls/v1/jbls-experience-levelsincludes\class-jbls-rest.php:36

POST/wp-json/jbls/v1jbls-applicationsincludes\class-jbls-rest.php:41

Shortcodes 1

[jbls_jobs] includes\class-jbls-shortcodes.php:11

WordPress Hooks 18

filtermanage_jbls_application_posts_columnsincludes\class-jbls-admin-columns.php:10

actionmanage_jbls_application_posts_custom_columnincludes\class-jbls-admin-columns.php:11

filtermanage_jbls_job_posts_columnsincludes\class-jbls-admin-columns.php:12

actionmanage_jbls_job_posts_custom_columnincludes\class-jbls-admin-columns.php:13

actionadmin_initincludes\class-jbls-dependencies.php:12

actionadmin_noticesincludes\class-jbls-dependencies.php:19

actionpost_edit_form_tagincludes\class-jbls-meta-boxes.php:24

actionadd_meta_boxes_jbls_applicationincludes\class-jbls-meta-boxes.php:25

actionsave_post_jbls_applicationincludes\class-jbls-meta-boxes.php:26

actioninitincludes\class-jbls-post-types.php:11

filteruse_block_editor_for_post_typeincludes\class-jbls-post-types.php:12

actionrest_api_initincludes\class-jbls-rest.php:12

actionwp_enqueue_scriptsincludes\class-jbls-scripts.php:11

actionadmin_menuincludes\class-jbls-settings.php:60

actionadmin_initincludes\class-jbls-settings.php:61

actionwp_enqueue_scriptsincludes\class-jbls-styles.php:11

actioninitincludes\class-jbls-taxonomies.php:11

actionplugins_loadedincludes\class-jbls.php:23

Maintenance & Trust

JobLister Maintenance & Trust

Maintenance Signals

WordPress version tested6.5.8

Last updatedJul 3, 2024

PHP min version7.2

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

JobLister Alternatives

WP Job Openings – Job Listing, Career Page and Recruitment Plugin

wp-job-openings

WP Job Openings plugin is the most simple yet powerful plugin for setting up a job listing page for your WordPress website.

40K 2 CVEs

Auto Delete Applications – Add-on for WP Job Openings

auto-delete-applications-add-on-for-wp-job-openings

100

This is an add-on for WP Job Openings Plugin, which will let you delete the received applications periodically. The plugin will let you specify a time …

1K No CVEs

Jobs from Recruitee

jobs-from-recruitee

100

Easily display published jobs from Recruitee anywhere with shortcode.

70 No CVEs

Binary Job Listing – WordPress Clean and Modern Job Listing, Career Page

binary-job-listing

Binary Job Listing is the most powerful and incredibly feature-packed, advanced recruitment plugin that comes with gorgeous designs and has everything …

30 No CVEs

Te Recluta Trabajos

te-recluta-trabajos

Muestra fácilmente los trabajos de Te Recluta en cualquier lugar con shortcodes.

0 No CVEs

Developer Profile

JobLister Developer Profile

Marios Sofokleous

1 plugin · 0 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect JobLister

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/joblister/build/index.css/wp-content/plugins/joblister/build/index.js

Script Paths

/wp-content/plugins/joblister/build/index.js

Version Parameters

joblister/build/index.js?ver=joblister/build/index.css?ver=

HTML / DOM Fingerprints

CSS Classes

jbls-root

Data Attributes

id="jbls-root"

JS Globals

jblsData

REST Endpoints

/wp-json/jbls/v1/jbls-jobs/wp-json/jbls/v1/jbls-locations/wp-json/jbls/v1/jbls-categories/wp-json/jbls/v1/jbls-types/wp-json/jbls/v1/jbls-experience-levels

Shortcode Output

<div class="jbls-root" id="jbls-root"></div>

FAQ