Platform: wordpress
Component: wpjobboard
Fixed in: 5.11.1
CVE-2025-30967 describes a critical Remote Code Execution (RCE) vulnerability within the WPJobBoard WordPress plugin. This flaw allows an attacker to leverage Cross-Site Request Forgery (CSRF) to upload a malicious web shell to the web server, granting them unauthorized access and control. The vulnerability impacts versions of WPJobBoard from 0.0 up to and including 5.11.1; upgrading to version 5.11.1 resolves the issue.
The impact of CVE-2025-30967 is severe. Successful exploitation allows an attacker to upload a web shell, effectively providing them with a backdoor into the web server. This can lead to complete compromise of the WordPress site, including data exfiltration, modification of website content, and potentially access to the underlying server infrastructure. Because the flaw is a CSRF, the attacker needs no credentials of their own: a logged-in user who is induced to load a crafted page issues the upload request with their own session, which makes the issue particularly dangerous. A web shell allows for arbitrary code execution, enabling attackers to install malware, pivot to other systems on the network, and disrupt services.
CVE-2025-30967 was publicly disclosed on 2025-04-15. The vulnerability's CSRF nature and the ease of web shell deployment suggest a moderate probability of exploitation. Public proof-of-concept (PoC) code is likely to emerge, further increasing the risk. Monitor security advisories and threat intelligence feeds for any indications of active exploitation campaigns targeting WPJobBoard installations.
Exploit Status
EPSS: 0.12% (31st percentile)
The primary mitigation for CVE-2025-30967 is to immediately upgrade the WPJobBoard plugin to version 5.11.1 or later. If upgrading is not immediately feasible due to compatibility concerns or breaking changes, consider implementing a temporary workaround by restricting file upload permissions within the WordPress environment. Specifically, limit the allowed file types and directories accessible for uploads. Web Application Firewalls (WAFs) can be configured to detect and block suspicious file upload attempts, particularly those involving common web shell extensions. Monitor WordPress logs for unusual activity, such as unexpected file uploads or modifications.
Update the WPJobBoard plugin to version 5.11.1 or higher to mitigate the CSRF vulnerability that could allow remote code execution. Ensure you back up your website before updating the plugin. Verify the update compatibility with other plugins and themes.
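As an added example (not WPJobBoard or WordPress code), the two defender-side checks described above in Python: triage of the installed plugin version against the fixed release 5.11.1, and an extension allowlist for uploads that also flags server-executable files already sitting in the uploads tree. The allowlisted document types, the blocked-extension list and the sample plugin header are assumptions.

```python
"""Defensive checks for a WordPress site running WPJobBoard: version triage
against the advisory's fixed release and an upload allowlist. Added example,
not WPJobBoard or WordPress code; sample data below is constructed."""
import re
from pathlib import PurePosixPath

FIXED_VERSION = (5, 11, 1)  # advisory: fixed in 5.11.1

# Constructed plugin header in the layout WordPress uses for plugin metadata.
SAMPLE_PLUGIN_HEADER = """<?php
/*
Plugin Name: WPJobBoard
Version: 5.10.2
*/
"""

# Assumed allowlist: document types a job board needs for CV uploads.
ALLOWED_EXTENSIONS = {".pdf", ".doc", ".docx", ".odt", ".rtf", ".txt"}
# Server-executable extensions that must never reach the uploads directory.
BLOCKED_EXTENSIONS = {".php", ".php3", ".php4", ".php5", ".php7",
                      ".phtml", ".phar", ".phps"}

def parse_plugin_version(header: str) -> tuple:
    """Return the plugin header's 'Version:' field as a tuple of ints."""
    m = re.search(r"^\s*\*?\s*Version:\s*([0-9][0-9.]*)", header, re.MULTILINE)
    if not m:
        raise ValueError("no Version: field in plugin header")
    return tuple(int(p) for p in m.group(1).strip(".").split("."))

def is_vulnerable_version(version: tuple) -> bool:
    """True when the installed version predates the fixed release."""
    padded = version + (0,) * (3 - len(version))  # treat 5.11 as 5.11.0
    return padded < FIXED_VERSION

def upload_allowed(filename: str) -> bool:
    """Allowlist check for an upload name: the file must carry exactly one
    extension, it must be allowlisted, and nothing in the suffix chain may
    be server-executable (rejects 'cv.php.pdf', 'shell.phtml', 'noext')."""
    suffixes = [s.lower() for s in PurePosixPath(filename).suffixes]
    if len(suffixes) != 1 or any(s in BLOCKED_EXTENSIONS for s in suffixes):
        return False
    return suffixes[0] in ALLOWED_EXTENSIONS

def find_executable_uploads(paths) -> list:
    """Flag files under wp-content/uploads whose suffix chain contains a
    server-executable extension; a healthy uploads tree should hold none."""
    return [p for p in paths
            if any(s.lower() in BLOCKED_EXTENSIONS
                   for s in PurePosixPath(p).suffixes)]
```

Feed `parse_plugin_version` the contents of the plugin's main PHP file and `find_executable_uploads` a listing of `wp-content/uploads` to turn the advisory's "check your version" and "monitor for unexpected uploads" steps into a repeatable check.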
CVE-2025-30967 is a critical Remote Code Execution vulnerability in the WPJobBoard WordPress plugin, allowing attackers to upload web shells via CSRF.
You are affected if you are using WPJobBoard versions 0.0 through 5.11.1. Immediately check your plugin version and upgrade if necessary.
Upgrade the WPJobBoard plugin to version 5.11.1 or later. If immediate upgrade is not possible, implement temporary workarounds like restricting file upload permissions.
While no active exploitation has been confirmed, the vulnerability's severity and ease of exploitation suggest a moderate probability of exploitation.
Refer to the official WPJobBoard website and WordPress plugin repository for the latest security advisories and updates related to CVE-2025-30967.