CVE Vulnerabilities

CVE-2026-12397

Published: Jul 13, 2026 | Modified: Jul 13, 2026
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io logo minimus.io logo echo.ai logo

The WP Job Portal WordPress plugin before 2.5.5 does not verify ownership when returning an employers contact email for a given job, allowing authenticated users with a subscriber-level (self-registerable) account to read other employers private account email addresses by enumerating job identifiers.

References