CVE-2026-12396
UNKNOWN
NVD
CVSS Score
0
Severity
UNKNOWN
Published
Jul 13, 2026
Vendor
unknown
Description
The WP Job Portal WordPress plugin before 2.5.5 does not perform capability or ownership checks before allowing job moderation actions, allowing authenticated users with a subscriber-level (self-registerable) account to approve, feature, or reject arbitrary jobs, including those owned by other users.