CVE-2025-67916

WordPress Jobify theme <= 4.3.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Astoundify Jobify jobify allows Reflected XSS.This issue affects Jobify: from n/a through <= 4.3.0.

We have discovered 362 live websites that are affected by CVE-2025-67916.

Run a Free Instant Scan



Affected Software

Product  Jobify
Category Wordpress Themes
Vulnerable Domains362 live websites (67% of Jobify install base)
Vulnerable Versions
  • from 0 through 4.3
Vulnerable Versions Count34 versions ( 81% of all versions)



Details

  • Published - Jan 8, 2026
  • Updated - Apr 1, 2026

Credits

  • João Pedro S Alcântara (Kinorth) | Patchstack Bug Bounty Program (finder)

Website Distribution by Country

Number of websites using CVE-2025-67916
United States111 websites


GB50 websites
Germany37 websites
France35 websites
Netherlands29 websites
Canada14 websites
Australia9 websites
Switzerland8 websites
Spain7 websites
India4 websites

Website Distribution by TLD

Number of websites using CVE-2025-67916
.com150 websites
.nl30 websites
.co.uk26 websites
.de23 websites
.fr19 websites
.org10 websites
.ca10 websites
.ch9 websites
.net9 websites
.com.au8 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2025-67916

Top websites that are affected by CVE-2025-67916. Please click on the "Contact us" link to get more information.
DomainCountryRankContacts
********.com United States*,***
********.de United States***,***
***********.com United States***,***
**********.co United States***,***
**********.**.uk United States***,***
********************.com United States*,***,***
*************.com France*,***,***
*******************.**.uk GB*,***,***
************.fr France*,***,***
**********.de Germany*,***,***
See full domain list

FAQ

A total of 362 websites have been identified as vulnerable to CVE-2025-67916, based on global website indexing conducted by WebTechSurvey.
The Jobify is affected by the CVE-2025-67916 vulnerability.
Jobify versions up to and including 4.3 are vulnerable to CVE-2025-67916.