WP-Safety
CVE-2026-24941

WP Job Portal <= 2.4.4 - Missing Authorization

mediumMissing Authorization
5.3
CVSS Score
5.3
CVSS Score
medium
Severity
2.4.5
Patched in
7d
Time to patch

Description

The WP Job Portal – AI-Powered Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 2.4.4. This makes it possible for unauthenticated attackers to perform an unauthorized action.

CVSS Vector Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
None
Confidentiality
Low
Integrity
None
Availability

Technical Details

Affected versions<=2.4.4
PublishedFebruary 3, 2026
Last updatedFebruary 9, 2026
Affected pluginwp-job-portal

What Changed in the Fix

Changes introduced in v2.4.5

Loading patch diff...

Source Code

WordPress.org SVN
Vulnerable v2.4.4
Browse source Download .zip
Patched v2.4.5
Browse source Download .zip
Research Plan
Unverified

# Exploitation Research Plan - CVE-2026-24941 (WP Job Portal <= 2.4.4) ## 1. Vulnerability Summary The **WP Job Portal** plugin (up to version 2.4.4) contains a **Missing Authorization** vulnerability in its user registration handling logic. Specifically, the function `wpjobportal_registration_save…

Show full research plan

Exploitation Research Plan - CVE-2026-24941 (WP Job Portal <= 2.4.4)

1. Vulnerability Summary

The WP Job Portal plugin (up to version 2.4.4) contains a Missing Authorization vulnerability in its user registration handling logic. Specifically, the function wpjobportal_registration_save in includes/wpjobportal-hooks.php fails to properly validate authorization and contains flawed nonce verification logic. This allows unauthenticated attackers to assign themselves specific plugin-defined roles (e.g., 'Employer') during registration, which may grant them unauthorized access to recruitment features or data management capabilities.

The flaw is particularly notable for an inverted nonce check: the logic that updates the user's role only executes if the provided nonce is invalid.

2. Attack Vector Analysis

  • Endpoint: wp-login.php?action=register (standard WordPress registration)
  • Hook: user_register triggers wpjobportal_registration_save.
  • Parameters:
    • jobs_role: The desired role ID (1 for Employer, 2 for Job Seeker).
    • wpjobportal_jobs_register_nonce: Any non-empty string that fails wp_verify_nonce.
  • Authentication: Unauthenticated.
  • Preconditions: WordPress user registration must be enabled (users_can_register option set to `
References
https://www.wordfence.com/threat-intel/vulnerabilities/id/b613d4ab-6e96-428b-b853-bda5950a6027?source=api-prod

Check if your site is affected.

Run a free security audit to detect vulnerable plugins, outdated versions, and misconfigurations.

Run free audit Browse CVE database