[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f1fRfUhosbAntDqIw-iQ-BL6Xc0OSgbWVH1SM2_ELZqc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":62,"crawl_stats":36,"alternatives":70,"analysis":71,"fingerprints":311},"wp-jobs","WP Jobs","2.3.1","DraftPress Team","https:\u002F\u002Fprofiles.wordpress.org\u002Fdraftpress\u002F","\u003Cp>Flexible options to list jobs on your site.\u003C\u002Fp>\n\u003Cp>Allow people to apply and attach the Resume \u002F CV.\u003C\u002Fp>\n\u003Cp>Email notifications for new applications.\u003C\u002Fp>\n\u003Cp>Newly Added Features\u003C\u002Fp>\n\u003Cul>\n\u003Cli>You can use Contact Form 7 or any other form plugin and place its shortcode for CV\u002FResume application and replace the default application form\u003C\u002Fli>\n\u003Cli>Redesigned job listing and job detail pages\u003C\u002Fli>\n\u003Cli>Added job type field (full time, contract, part time etc)d\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Features\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Add Jobs\u003C\u002Fli>\n\u003Cli>Job Departments\u003C\u002Fli>\n\u003Cli>Online job application\u003C\u002Fli>\n\u003Cli>Resume \u002F CV attachment\u003C\u002Fli>\n\u003Cli>Email notifications\u003C\u002Fli>\n\u003Cli>Job description, salary, location, department, job qualification requirements etc\u003C\u002Fli>\n\u003Cli>Shortcode to list jobs anywhere. 
(All or by department)\u003C\u002Fli>\n\u003Cli>Manage applicants\u003C\u002Fli>\n\u003Cli>Translation ready\u003C\u002Fli>\n\u003Cli>Contact form 7 compatible\u003C\u002Fli>\n\u003Cli>Use any form plugin to accept job applications\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Create Job Listing page\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Create a regular page in your wordpress website\u003C\u002Fli>\n\u003Cli>Then go to WP Jobs in admin > settings and select that page for job listing\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Support\u003C\u002Fp>\n\u003Cul>\n\u003Cli>For support and feedback, please \u003Ca href=\"http:\u002F\u002Fwww.intensewp.com\u002Fwp-jobs\u002F\" title=\"wordpress jobs plugin\" rel=\"nofollow ugc\">click here\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>Youtube \u003Ca href=\"https:\u002F\u002Fgoo.gl\u002Fq8lPF3\" title=\"Intense WP Youtube Channel\" rel=\"nofollow ugc\">tutorial videos and channel\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Post jobs on your WordPress site. 
User can apply and attach resume\u002FCV for the jobs.",60,12804,80,4,"2020-09-14T12:22:00.000Z","5.5.18","4.5","",[20,21,22,4],"resume-cv-attachment","wordpress-job-listing-plugin","wordpress-jobs","https:\u002F\u002Fdraftpress.com\u002Fproducts","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-jobs.2.3.1.zip",84,2,0,"2017-09-26 00:00:00","2026-03-15T15:16:48.613Z",[31,47],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":38,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":28,"updated_date":43,"references":44,"days_to_patch":46},"CVE-2017-14751","wp-jobs-cross-site-scripting","WP Jobs \u003C 1.7 - Cross-Site Scripting","The Intense WP \"WP Jobs\" plugin 1.5 for WordPress has XSS, related to the Job Qualification field.",null,"\u003C1.7","1.7","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-01-22 19:56:02",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F66ed3f4d-1977-487a-942e-3dd599586957?source=api-prod",2310,{"id":48,"url_slug":49,"title":50,"description":51,"plugin_slug":4,"theme_slug":36,"affected_versions":52,"patched_in_version":53,"severity":54,"cvss_score":55,"cvss_vector":56,"vuln_type":57,"published_date":58,"updated_date":43,"references":59,"days_to_patch":61},"CVE-2017-9603","wp-jobs-sql-injection","WP Jobs \u003C 1.5 - SQL Injection","SQL injection vulnerability in the WP Jobs plugin before 1.5 for WordPress allows authenticated users to execute arbitrary SQL commands via the jobid parameter to wp-admin\u002Fedit.php.","\u003C1.5","1.5","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2017-06-11 
00:00:00",[60],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F921489e9-a083-47b3-a20d-e2566b51d8d4?source=api-prod",2417,{"slug":63,"display_name":7,"profile_url":8,"plugin_count":64,"total_installs":65,"avg_security_score":66,"avg_patch_time_days":67,"trust_score":68,"computed_at":69},"draftpress",12,612840,87,1011,70,"2026-04-05T02:31:50.566Z",[],{"attackSurface":72,"codeSignals":139,"taintFlows":213,"riskAssessment":295,"analyzedAt":310},{"hooks":73,"ajaxHandlers":125,"restRoutes":132,"shortcodes":133,"cronEvents":138,"entryPointCount":26,"unprotectedCount":27},[74,80,84,87,90,95,98,102,106,109,113,118,121],{"type":75,"name":76,"callback":77,"file":78,"line":79},"action","wp_enqueue_scripts","wp_jobs_scripts_with_jquery","wp-jobs.php",18,{"type":75,"name":81,"callback":82,"file":78,"line":83},"init","wp_jobs_load_plugin_textdomain",25,{"type":75,"name":76,"callback":85,"file":78,"line":86},"wp_jobs_admin_style",61,{"type":75,"name":81,"callback":88,"file":78,"line":89},"wp_jobs_custom_init",122,{"type":75,"name":91,"callback":92,"priority":93,"file":78,"line":94},"wp_mail_failed","action_wp_mail_failed",10,140,{"type":75,"name":81,"callback":96,"priority":27,"file":78,"line":97},"wp_jobs_taxonomy",179,{"type":75,"name":99,"callback":100,"file":78,"line":101},"admin_menu","wpjobs_AdminMenu",190,{"type":75,"name":103,"callback":104,"file":78,"line":105},"add_meta_boxes","wp_jobs_cust_box",210,{"type":75,"name":103,"callback":107,"file":78,"line":108},"wp_jobs_qualification_box",303,{"type":75,"name":110,"callback":111,"file":78,"line":112},"save_post","wpjobs_save_info",311,{"type":114,"name":115,"callback":116,"file":78,"line":117},"filter","template_redirect","wp_jobs_applicationformtemp",359,{"type":114,"name":115,"callback":119,"file":78,"line":120},"wp_jobs_joblisting",369,{"type":75,"name":122,"callback":123,"file":78,"line":124},"admin_enqueue_scripts","wpjobs_load_scripts",402,[126],{"action":127,"nopriv":128,"callb
ack":129,"hasNonce":130,"hasCapCheck":128,"file":78,"line":131},"update_wpjobs_options",false,"wpjobs_ajax_process",true,421,[],[134],{"tag":135,"callback":136,"file":78,"line":137},"job_listing","wp_jobs_list_shortcode",473,[],{"dangerousFunctions":140,"sqlUsage":141,"outputEscaping":144,"fileOperations":27,"externalRequests":27,"nonceChecks":211,"capabilityChecks":27,"bundledLibraries":212},[],{"prepared":142,"raw":27,"locations":143},7,[],{"escaped":145,"rawEcho":146,"locations":147},47,33,[148,152,154,156,158,160,162,164,166,168,169,171,173,175,177,178,180,182,183,185,187,189,191,193,196,197,199,201,204,205,207,208,209],{"file":149,"line":150,"context":151},"template-files\\applicationform.php",32,"raw output",{"file":149,"line":153,"context":151},35,{"file":149,"line":155,"context":151},38,{"file":149,"line":157,"context":151},41,{"file":149,"line":159,"context":151},43,{"file":149,"line":161,"context":151},49,{"file":149,"line":163,"context":151},58,{"file":149,"line":165,"context":151},69,{"file":149,"line":167,"context":151},79,{"file":149,"line":66,"context":151},{"file":149,"line":170,"context":151},96,{"file":149,"line":172,"context":151},105,{"file":149,"line":174,"context":151},148,{"file":149,"line":176,"context":151},212,{"file":149,"line":176,"context":151},{"file":179,"line":83,"context":151},"template-files\\joblisting.php",{"file":179,"line":181,"context":151},37,{"file":179,"line":163,"context":151},{"file":179,"line":184,"context":151},86,{"file":179,"line":186,"context":151},91,{"file":179,"line":188,"context":151},92,{"file":179,"line":190,"context":151},93,{"file":78,"line":192,"context":151},415,{"file":194,"line":195,"context":151},"wpjobs_applications.php",30,{"file":194,"line":195,"context":151},{"file":194,"line":198,"context":151},72,{"file":194,"line":200,"context":151},82,{"file":202,"line":203,"context":151},"wpjobs_home.php",55,{"file":202,"line":11,"context":151},{"file":206,"line":79,"context":151},"wpjobs_settings.php",{"file":20
6,"line":153,"context":151},{"file":206,"line":153,"context":151},{"file":206,"line":210,"context":151},42,1,[],[214,230,249,260,285],{"entryPoint":215,"graph":216,"unsanitizedCount":211,"severity":229},"\u003Cjoblisting> (template-files\\joblisting.php:0)",{"nodes":217,"edges":227},[218,222],{"id":219,"type":220,"label":221,"file":179,"line":142},"n0","source","$_REQUEST",{"id":223,"type":224,"label":225,"file":179,"line":163,"wp_function":226},"n1","sink","echo() [XSS]","echo",[228],{"from":219,"to":223,"sanitized":128},"low",{"entryPoint":231,"graph":232,"unsanitizedCount":27,"severity":229},"wpjobs_ajax_process (wp-jobs.php:404)",{"nodes":233,"edges":246},[234,236,240,244],{"id":219,"type":220,"label":221,"file":78,"line":235},412,{"id":223,"type":224,"label":237,"file":78,"line":238,"wp_function":239},"update_option() [Settings Manipulation]",413,"update_option",{"id":241,"type":220,"label":242,"file":78,"line":243},"n2","$_REQUEST['send_mail']",414,{"id":245,"type":224,"label":237,"file":78,"line":243,"wp_function":239},"n3",[247,248],{"from":219,"to":223,"sanitized":130},{"from":241,"to":245,"sanitized":130},{"entryPoint":250,"graph":251,"unsanitizedCount":27,"severity":229},"\u003Cwp-jobs> (wp-jobs.php:0)",{"nodes":252,"edges":257},[253,254,255,256],{"id":219,"type":220,"label":221,"file":78,"line":235},{"id":223,"type":224,"label":237,"file":78,"line":238,"wp_function":239},{"id":241,"type":220,"label":242,"file":78,"line":243},{"id":245,"type":224,"label":237,"file":78,"line":243,"wp_function":239},[258,259],{"from":219,"to":223,"sanitized":130},{"from":241,"to":245,"sanitized":130},{"entryPoint":261,"graph":262,"unsanitizedCount":142,"severity":54},"\u003Capplicationform> (template-files\\applicationform.php:0)",{"nodes":263,"edges":281},[264,266,267,270,274,276],{"id":219,"type":220,"label":265,"file":149,"line":64},"$_POST 
(x5)",{"id":223,"type":224,"label":225,"file":149,"line":167,"wp_function":226},{"id":241,"type":220,"label":268,"file":149,"line":269},"$_POST",14,{"id":245,"type":224,"label":271,"file":149,"line":272,"wp_function":273},"get_results() [SQLi]",142,"get_results",{"id":275,"type":220,"label":268,"file":149,"line":269},"n4",{"id":277,"type":224,"label":278,"file":149,"line":279,"wp_function":280},"n5","get_var() [SQLi]",189,"get_var",[282,283,284],{"from":219,"to":223,"sanitized":128},{"from":241,"to":245,"sanitized":128},{"from":275,"to":277,"sanitized":128},{"entryPoint":286,"graph":287,"unsanitizedCount":211,"severity":54},"\u003Cwpjobs_applications> (wpjobs_applications.php:0)",{"nodes":288,"edges":293},[289,291],{"id":219,"type":220,"label":221,"file":194,"line":290},11,{"id":223,"type":224,"label":271,"file":194,"line":292,"wp_function":273},59,[294],{"from":219,"to":223,"sanitized":128},{"summary":296,"deductions":297},"The \"wp-jobs\" plugin v2.3.1 exhibits a mixed security posture. On the positive side, the static scan found prepared statements for all 7 detected SQL queries (no raw queries) and one nonce check, although the taint analysis still flags unsanitized request data reaching get_results() and get_var() calls, so those call sites need manual review. The absence of file operations and external HTTP requests further reduces potential attack vectors. However, significant concerns arise from the code analysis, particularly that only 59% of outputs (47 of 80) are properly escaped. This indicates a substantial risk of Cross-Site Scripting (XSS) vulnerabilities. The taint analysis reveals 3 flows with unsanitized paths, including 2 of high severity, suggesting potential for injected code execution (XSS, SQL injection) or sensitive data compromise if these flows are exploitable by attackers. The plugin's vulnerability history, with 2 past CVEs (one high and one medium severity) related to XSS and SQL injection, reinforces these concerns. 
Although there are no currently unpatched CVEs, the recurring nature of these vulnerability types, coupled with the static analysis findings, suggests a need for improved input sanitization and output escaping practices. The plugin has a relatively small attack surface with no entry points flagged as unprotected, which is positive; however, its one AJAX handler (update_wpjobs_options) has a nonce check but no capability check, and a nonce protects against CSRF rather than enforcing authorization, so access to its update_option() calls should be verified. The internal code quality issues pose a significant threat.",[298,301,303,305,307],{"reason":299,"points":300},"High rate of unescaped output",15,{"reason":302,"points":64},"Taint flows with unsanitized paths (High severity)",{"reason":304,"points":93},"Past high severity SQL injection vulnerability",{"reason":306,"points":142},"Past medium severity XSS vulnerability",{"reason":308,"points":309},"Taint flows with unsanitized paths",6,"2026-03-16T21:42:30.751Z",{"wat":312,"direct":322},{"assetPaths":313,"generatorPatterns":318,"scriptPaths":319,"versionParams":320},[314,315,316,317],"\u002Fwp-content\u002Fplugins\u002Fwp-jobs\u002Fcss\u002Fbootstrap-responsive.min.css","\u002Fwp-content\u002Fplugins\u002Fwp-jobs\u002Fcss\u002Fbootstrap.min.css","\u002Fwp-content\u002Fplugins\u002Fwp-jobs\u002Fcss\u002Fstyles.css","\u002Fwp-content\u002Fplugins\u002Fwp-jobs\u002Fjs\u002Fbootstrap.min.js",[],[317],[321],"wp-jobs\u002Fcss\u002Fstyles.css?ver=",{"cssClasses":323,"htmlComments":325,"htmlAttributes":326,"restEndpoints":327,"jsGlobals":328,"shortcodeOutput":329},[324],"wp_jobs_designation",[],[],[],[],[]]