Description
The Jobs for WordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.7.11 via the 'job_postings_get_file' parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
Published: 2025-03-26
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Authenticated Arbitrary File Read via Directory Traversal
Action: Update Plugin
AI Analysis

Impact

The Jobs for WordPress plugin contains a directory traversal flaw triggered by the job_postings_get_file parameter. When an authenticated user with Subscriber-level access supplies a crafted value, the plugin resolves the path without proper sanitization, allowing the attacker to read the contents of arbitrary files on the server. This results in confidentiality loss; the attacker can obtain sensitive data such as configuration files or credentials. The vulnerability is a classic file path traversal, identified as CWE-22.

Affected Systems

The flaw affects the Job Postings plugin released by blueglassch, versions up to and including 2.7.11. Sites running any of those plugin versions and granting Subscriber-level roles are potentially exposed. No higher versions are reported as affected.

Risk and Exploitability

The CVSS score of 6.5 reflects moderate severity, while an EPSS score of 1% indicates a low, but non-zero, probability of exploitation. The vulnerability is not listed in CISA's KEV catalog, indicating no known in-the-wild exploitation as of now. Attackers must first authenticate with Subscriber or higher privileges, so the risk is contained to sites with such user bases. Once authenticated, they could read files on the server, exposing data but not necessarily gaining code execution.

Generated by OpenCVE AI on April 21, 2026 at 21:40 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to the latest Job Postings plugin version (2.7.12 or later), which removes the directory traversal flaw.
  • Restrict Subscriber-level access so that only trusted users can interact with the plugin’s file retrieval endpoint.
  • Implement server-side input validation and file permission controls to prevent arbitrary file reads, following CWE-22 mitigation practices.
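As an added illustration of the third recommendation (written for this page, not code from the Job Postings plugin or from OpenCVE), a WordPress download handler that canonicalises the requested path with realpath() and refuses anything outside its storage directory; the function and hook names, the storage directory and the extension allow-list are assumptions:

```php
<?php
// Added example, not the plugin's own code. Function and hook names, the
// storage directory and the allowed extensions are assumptions for illustration.

// Resolve a user-supplied file name and accept it only if it stays inside $base_dir.
function jobs_safe_file_path( string $base_dir, string $requested ): ?string {
    // Reject empty input and NUL bytes, which can truncate paths in some code paths.
    if ( $requested === '' || strpos( $requested, "\0" ) !== false ) {
        return null;
    }
    $base = realpath( $base_dir );
    // realpath() collapses '..' segments and follows symlinks before we compare.
    $path = realpath( $base_dir . DIRECTORY_SEPARATOR . ltrim( $requested, '/\\' ) );
    if ( $base === false || $path === false || ! is_file( $path ) ) {
        return null; // base missing, file missing, or not a regular file
    }
    $prefix = rtrim( $base, DIRECTORY_SEPARATOR ) . DIRECTORY_SEPARATOR;
    // Prefix check on the canonical path: anything outside the base directory is refused.
    if ( strncmp( $path, $prefix, strlen( $prefix ) ) !== 0 ) {
        return null;
    }
    return $path;
}

// Hardened download handler (hypothetical action name mirrors the vulnerable parameter).
add_action( 'admin_post_job_postings_get_file', 'jobs_handle_get_file' );
function jobs_handle_get_file(): void {
    // Authorisation: require a capability above Subscriber, plus a nonce to block CSRF.
    if ( ! is_user_logged_in() || ! current_user_can( 'edit_posts' ) ) {
        wp_die( 'Forbidden', '', array( 'response' => 403 ) );
    }
    check_admin_referer( 'job_postings_get_file' ); // dies on a missing or invalid nonce

    $uploads = wp_upload_dir();
    $base    = $uploads['basedir'] . '/job-postings'; // assumed storage directory
    $path    = jobs_safe_file_path( $base, (string) wp_unslash( $_GET['job_postings_get_file'] ?? '' ) );

    // Allow-list extensions so PHP or configuration files under the base directory are never served.
    $allowed = array( 'pdf', 'doc', 'docx' );
    if ( $path === null || ! in_array( strtolower( pathinfo( $path, PATHINFO_EXTENSION ) ), $allowed, true ) ) {
        wp_die( 'File not found', '', array( 'response' => 404 ) );
    }

    header( 'Content-Type: application/octet-stream' );
    header( 'Content-Disposition: attachment; filename="' . basename( $path ) . '"' );
    header( 'Content-Length: ' . filesize( $path ) );
    readfile( $path );
    exit;
}
```

A request whose canonical path resolves outside the storage directory, or to a file type not on the allow-list, receives a 404 instead of the file contents.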



Advisories

Source: EUVD
ID: EUVD-2025-8130
Title: The Jobs for WordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.7.11 via the 'job_postings_get_file' parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
History

Wed, 26 Mar 2025 14:15:00 +0000

Type: Metrics (ssvc)
Values Added: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 26 Mar 2025 09:45:00 +0000

Description (added): The Jobs for WordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.7.11 via the 'job_postings_get_file' parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
Title (added): Jobs for WordPress <= 2.7.11 - Authenticated (Subscriber+) Arbitrary File Read
Weaknesses (added): CWE-22
References (added)
Metrics (added): cvssV3_1 {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}


Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T16:48:25.811Z

Reserved: 2025-02-14T19:54:56.139Z

Link: CVE-2025-1310

Vulnrichment

Updated: 2025-03-26T13:50:30.967Z

NVD

Status: Deferred

Published: 2025-03-26T10:15:14.653

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-1310

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-21T21:45:25Z

Weaknesses
  • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')