diff --git a/.planning/phases/05-mentor-job-board/05-04-PLAN.md b/.planning/phases/05-mentor-job-board/05-04-PLAN.md
new file mode 100644
index 0000000..08c9c80
--- /dev/null
+++ b/.planning/phases/05-mentor-job-board/05-04-PLAN.md
@@ -0,0 +1,160 @@
+---
+phase: 05-mentor-job-board
+plan: 04
+type: execute
+depends_on: []
+files_modified: [includes/class-access-control.php]
+---
+
+<objective>
+Protect single job posts from public access and enable Elementor template creation for job detail pages.
+
+Purpose: Ensure individual job posts require login (consistent with archive protection) and provide infrastructure for Elementor Pro theme builder to create job detail templates.
+Output: Protected single job posts with access control, Elementor template guidance for user creation.
+</objective>
+
+<execution_context>
+~/.claude/get-shit-done/workflows/execute-plan.md
+./summary.md
+~/.claude/get-shit-done/references/checkpoints.md
+</execution_context>
+
+<context>
+@.planning/PROJECT.md
+@.planning/ROADMAP.md
+@.planning/STATE.md
+
+# Prior work this plan builds on:
+@.planning/phases/01-foundation-setup/01-02-SUMMARY.md
+@.planning/phases/01-foundation-setup/01-03-SUMMARY.md
+@.planning/phases/05-mentor-job-board/05-01-SUMMARY.md
+@.planning/phases/05-mentor-job-board/05-02-SUMMARY.md
+@.planning/phases/05-mentor-job-board/05-03-SUMMARY.md
+
+# Source files:
+@includes/class-access-control.php
+
+**Tech stack available:** template_redirect hook, is_singular(), is_user_logged_in(), Elementor Pro Theme Builder
+**Established patterns:**
+- Access control via template_redirect hook (Phase 02-04, 05-01)
+- Redirect to /anbieter-login/ for non-logged-in users (Phase 05-01)
+- ACF fields available for Elementor integration (Phase 01-03)
+- Logo with 200x200px auto-crop (Phase 05-03)
+- Application form available for popup/modal (Phase 05-02)
+
+**Constraining decisions:**
+- Phase 05-01: Archive protection redirects to /anbieter-login/ using home_url() for consistency
+- Phase 05-01: Access control uses template_redirect hook at priority 10
+- PROJECT.md: All job content requires login (line 37: "Public job listings — all content requires login")
+- PROJECT.md: Job detail page with apply button → popup form → email to provider
+- Phase 01-03: All job fields available as ACF fields (title, description, location, type, contact_email, logo)
+- Phase 05-02: Application form created with key 'job_application', ready for Elementor integration
+</context>
+
+<tasks>
+
+<task type="auto">
+  <name>Task 1: Add single job post access control</name>
+  <files>includes/class-access-control.php</files>
+  <action>Add method protect_single_job() following the exact pattern from protect_job_archive(). Method should: (1) Hook to template_redirect at priority 10, (2) Check if current page is single job_offer post using is_singular('job_offer'), (3) If not logged in, redirect to home_url('/anbieter-login/') using wp_safe_redirect and exit, (4) If logged in, allow access (no role check - any logged-in user can view jobs, including mentors/subscribers and providers). Register hook in existing setup_hooks() method by adding add_action('template_redirect', array(__CLASS__, 'protect_single_job')). This ensures consistency with archive protection and matches PROJECT.md requirement that all job content requires login.</action>
+  <verify>Check class-access-control.php contains protect_single_job() method. Verify method uses is_singular('job_offer') check. Confirm redirect uses home_url('/anbieter-login/') matching archive pattern. Verify hook registered in setup_hooks().</verify>
+  <done>Single job post protection method exists, follows archive protection pattern, redirects non-logged-in users to /anbieter-login/, hook registered in setup_hooks()</done>
+</task>
+
+<task type="checkpoint:human-verify" gate="blocking">
+  <what-built>Backend infrastructure complete - single job posts now protected from public access, all ACF fields and forms available for Elementor integration</what-built>
+  <how-to-verify>
+    **Backend verification (automated):**
+    1. While logged out, try to access a single job post URL (e.g., /jobangebote/test-job/)
+    2. Confirm redirect to /anbieter-login/ page
+    3. Log in as mentor/subscriber
+    4. Confirm job post loads successfully
+
+    **Elementor template creation (manual - UI work):**
+    The Elementor template is created through WordPress admin UI, not via code. Here's what's available:
+
+    **Available ACF Fields for Elementor:**
+    - job_title (post title - use Post Title widget)
+    - job_description (post content - use Post Content widget)
+    - job_location (ACF field)
+    - job_type (ACF field)
+    - job_contact_email (ACF field)
+    - job_logo (ACF image field, returns ID, has 'job-logo' size at 200x200px)
+
+    **Application Form Integration:**
+    - Form key: 'job_application'
+    - Can be embedded via Elementor Shortcode widget: [formidable id="job_application"]
+    - Or use popup/modal trigger with Elementor Pro
+    - Form automatically includes hidden job_id field and sends email to job_contact_email
+
+    **Template Creation Steps:**
+    1. WordPress Admin → Templates → Theme Builder → Single
+    2. Create new single template with condition: Single | Post Type | job_offer
+    3. Add Elementor widgets:
+       - Post Title for job title
+       - Post Content for job description
+       - ACF widgets for location, type, contact email
+       - Image widget for logo (select ACF field job_logo, size: job-logo)
+       - Button/Popup for application form
+    4. Preview with any published job post
+    5. Publish template
+
+    **What to verify:**
+    - All job fields display correctly
+    - Logo displays at 200x200px (cropped)
+    - Apply button triggers form (popup or inline)
+    - Form submission sends email to job provider
+    - Only logged-in users can access page
+  </how-to-verify>
+  <resume-signal>Type "approved" when backend verified and Elementor template guidance noted, or describe any issues</resume-signal>
+</task>
+
+</tasks>
+
+<verification>
+Before declaring plan complete:
+- [ ] Single job post protection method exists in class-access-control.php
+- [ ] Non-logged-in users redirected to /anbieter-login/ when accessing single job posts
+- [ ] Logged-in users can access single job posts
+- [ ] Redirect pattern matches archive protection (home_url, wp_safe_redirect)
+- [ ] Hook registered in setup_hooks() method
+</verification>
+
+<success_criteria>
+
+- Single job post access control implemented following archive protection pattern
+- Non-logged-in users cannot access individual job posts
+- Logged-in users (mentors, providers) can access job posts
+- Redirect to /anbieter-login/ consistent with archive protection
+- Elementor template guidance provided for manual UI work
+- Phase 5 complete - mentor job board fully functional (backend infrastructure)
+  </success_criteria>
+
+<output>
+After completion, create `.planning/phases/05-mentor-job-board/05-04-SUMMARY.md`:
+
+# Phase 5 Plan 4: Job Detail Page Summary
+
+**[Substantive one-liner - what shipped, not "phase complete"]**
+
+## Accomplishments
+
+- [Key outcome 1]
+- [Key outcome 2]
+
+## Files Created/Modified
+
+- `includes/class-access-control.php` - Description
+
+## Decisions Made
+
+[Key decisions and rationale, or "None"]
+
+## Issues Encountered
+
+[Problems and resolutions, or "None"]
+
+## Next Step
+
+Phase 5 complete. Elementor template creation is manual UI work through WordPress admin. Ready for Phase 6: Email Notifications (mentor opt-in and async processing).
+</output>