What the vulnerability does
01Description
Missing Authorization vulnerability in wpjobportal WP Job Portal wp-job-portal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Portal: from n/a through <= 2.4.4.
Explanation of Vulnerability in Simple Terms
02Summary
WP Job Portal versions 2.4.4 and earlier lack proper authorization checks, allowing unauthenticated attackers to read sensitive data. An attacker can access information without logging in or requiring any special privileges. Site administrators should update to a version newer than 2.4.4 immediately to prevent unauthorized data exposure.
What an attacker can do
03Attacker Capabilities
Read sensitive data from the site without logging in.
Potential impact on your site
04Site Impact
Confidential information may be exposed to anyone on the internet without restriction.
Conditions required to exploit
05Prerequisites
Network access only; no authentication or user interaction required.
Key dates
06Disclosure timeline
February 20, 2026
CVE published
April 28, 2026
Record updated