{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4758", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2026-03-24T08:42:06.937Z", "datePublished": "2026-03-25T23:26:02.312Z", "dateUpdated": "2026-04-08T17:30:46.880Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:30:46.880Z"}, "affected": [{"vendor": "wpjobportal", "product": "WP Job Portal \u2013 AI-Powered Recruitment System for Company or Job Board website", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.4.9", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The WP Job Portal plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'WPJOBPORTALcustomfields::removeFileCustom' function in all versions up to, and including, 2.4.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php)."}], "title": "WP Job Portal <= 2.4.9 - Authenticated (Subscriber+) Arbitrary File Deletion via Resume Custom File Field", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e96f31e0-4b2e-4ea1-a3e5-fd7452a2fea9?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-job-portal/tags/2.4.9/includes/classes/customfields.php#L1558"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-job-portal/tags/2.5.0/includes/classes/customfields.php?rev=3490490#L1558"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "cweId": "CWE-22", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH"}}], "credits": [{"lang": "en", "type": "finder", "value": "daroo"}], "timeline": [{"time": "2026-03-24T08:57:49.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2026-03-25T10:39:46.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-4758", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-26T17:36:58.561742Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T17:51:16.635Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-4758", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-26T17:36:58.561742Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T17:49:01.901Z"}}], "cna": {"title": "WP Job Portal <= 2.4.9 - Authenticated (Subscriber+) Arbitrary File Deletion via Resume Custom File Field", "credits": [{"lang": "en", "type": "finder", "value": "daroo"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "wpjobportal", "product": "WP Job Portal \u2013 AI-Powered Recruitment System for Company or Job Board website", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "2.4.9"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2026-03-24T08:57:49.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2026-03-25T10:39:46.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e96f31e0-4b2e-4ea1-a3e5-fd7452a2fea9?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-job-portal/tags/2.4.9/includes/classes/customfields.php#L1558"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-job-portal/tags/2.5.0/includes/classes/customfields.php?rev=3490490#L1558"}], "descriptions": [{"lang": "en", "value": "The WP Job Portal plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'WPJOBPORTALcustomfields::removeFileCustom' function in all versions up to, and including, 2.4.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php)."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:30:46.880Z"}}}, "cveMetadata": {"cveId": "CVE-2026-4758", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:30:46.880Z", "dateReserved": "2026-03-24T08:42:06.937Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-03-25T23:26:02.312Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The WP Job Portal plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'WPJOBPORTALcustomfields::removeFileCustom' function in all versions up to, and including, 2.4.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php)."}, {"lang": "es", "value": "El plugin WP Job Portal para WordPress es vulnerable a la eliminaci\u00f3n arbitraria de archivos debido a una validaci\u00f3n insuficiente de la ruta de archivo en la funci\u00f3n 'WPJOBPORTALcustomfields::removeFileCustom' en todas las versiones hasta la 2.4.9, inclusive. Esto hace posible que atacantes autenticados, con acceso de nivel Suscriptor o superior, eliminen archivos arbitrarios en el servidor, lo que puede conducir f\u00e1cilmente a la ejecuci\u00f3n remota de c\u00f3digo cuando se elimina el archivo correcto (como wp-config.php)."}], "id": "CVE-2026-4758", "lastModified": "2026-04-24T16:35:20.070", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2026-03-26T00:16:41.570", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/wp-job-portal/tags/2.4.9/includes/classes/customfields.php#L1558"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/wp-job-portal/tags/2.5.0/includes/classes/customfields.php?rev=3490490#L1558"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e96f31e0-4b2e-4ea1-a3e5-fd7452a2fea9?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2.4.9]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "WP Job Portal \u2013 AI-Powered Recruitment System for Company or Job Board website", "source": "cna", "vendor": "wpjobportal"}, "product": "wp_job_portal_\u2013_ai-powered_recruitment_system_for_company_or_job_board_website", "vendor": "wpjobportal"}], "analysis": {"en": {"generated_at": "2026-03-26T00:53:41.545563+00:00", "value": {"mitigation_remediation": ["Update the WP Job Portal plugin to version 2.5.0 or newer.", "If the plugin cannot be updated immediately, restrict subscriber access to the file deletion functionality or disable the custom file field feature through the plugin settings.", "Backup critical files, especially wp-config.php, before making any changes.", "Monitor server logs for any unexpected file deletions to detect potential exploitation.", "Apply general WordPress hardening measures such as principle of least privilege and secure file permissions."], "summary": {"action": "Immediate Patch", "impact": "Arbitrary file deletion potentially enabling remote code execution"}, "threat_synthesis": {"affected_systems": "Environments running WordPress with the WP Job Portal plugin on any version up to and including 2.4.9 are affected. The vulnerability is exploitable by any role that the plugin grants through the subscriber role, which is common for users who apply for jobs or post resumes. Versions 2.5.0 and later have the issue fixed.", "description_and_impact": "The WP Job Portal plugin allows authenticated users with Subscriber level or higher to call the removeFileCustom method. Because the method does not validate the file path, an attacker can specify any server path and delete files. Removing critical files such as wp-config.php can compromise the entire WordPress installation, allowing code execution, defacement, or data loss.", "risk_and_exploitability": "The vulnerability carries a CVSS score of 8.8, classifying it as high severity. No EPSS value is available, and the flaw is not listed in CISA's KEV catalog. Attackers need valid subscriber credentials, but once authenticated, the path validation weakness permits deletion of arbitrary files, which can lead directly to remote code execution or denial of service. The attack vector is inferred to be local via legitimate user access, but the outcome can have system\u2013wide impact so it must be treated with urgency."}}}}, "created": "2026-03-26T11:31:12.120231+00:00", "updated": "2026-03-26T12:09:14.895780+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress", "wpjobportal", "wpjobportal$PRODUCT$wp_job_portal_\u2013_ai-powered_recruitment_system_for_company_or_job_board_website"]}