CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The NiceJob plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's shortcodes nicejob-lead, nicejob-review, nicejob-engage, nicejob-badge, nicejob-stories in all versions up to, and including, 3.7.1 due to insufficient input sanitization and output escaping ...

6.4CVSS7.4AI score0.00253EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 7:21 a.m.•3 views

CVE-2024-44025

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nicejob NiceJob nicejob allows Stored XSS.This issue affects NiceJob: from n/a through 3.6.5...

6.5CVSS5.9AI score0.00193EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:15 a.m.•2 views

CVE-2024-54318

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nicejob NiceJob nicejob allows Stored XSS.This issue affects NiceJob: from n/a through = 3.6.5...

6.5CVSS7.2AI score0.00197EPSS

Exploits0References1

RedhatCVE•added 2025/02/04 10:46 p.m.•3 views

CVE-2024-44028

Cross-Site Request Forgery CSRF vulnerability in nicejob NiceJob nicejob allows Stored XSS.This issue affects NiceJob: from n/a through 3.6.5...

7.1CVSS5.9AI score0.00141EPSS

Exploits0References1

NVD•added 2024/12/13 3:15 p.m.•10 views

CVE-2024-54318

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nicejob NiceJob nicejob allows Stored XSS.This issue affects NiceJob: from n/a through = 3.6.5...

6.5CVSS0.00197EPSS

Exploits0References1

Vulnrichment•added 2024/12/13 2:25 p.m.•6 views

CVE-2024-54318 WordPress NiceJob plugin <= 3.6.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nicejob NiceJob nicejob allows Stored XSS.This issue affects NiceJob: from n/a through = 3.6.5...

6.5CVSS8.6AI score0.00197EPSS

Exploits0References1

CVE•added 2024/12/13 2:25 p.m.•45 views

CVE-2024-54318

CVE-2024-54318 is a stored XSS in the NiceJob WordPress plugin (NiceJob) that affects versions up to 3.6.5. The issue arises from improper neutralization of input during web page generation, enabling stored Cross-Site Scripting. The Red Hat/Wordfence entries confirm the vulnerability and indicate...

6.5CVSS7.2AI score0.00197EPSS

Exploits0References1

Cvelist•added 2024/12/13 2:25 p.m.•14 views

CVE-2024-54318 WordPress NiceJob plugin <= 3.6.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nicejob NiceJob nicejob allows Stored XSS.This issue affects NiceJob: from n/a through = 3.6.5...

6.5CVSS0.00197EPSS

Exploits0References1

Positive Technologies•added 2024/12/13 12:0 a.m.•1 views

PT-2024-36200 · Nicejob · Nicejob

Name of the Vulnerable Software and Affected Versions: NiceJob versions 3.6.5 and earlier Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting XSS. Specifically, it is a Stored XSS vulnerability. This means that an...

6.5CVSS5.4AI score0.00197EPSS

Exploits0References3

CNNVD•added 2024/12/13 12:0 a.m.•1 views

WordPress plugin NiceJob 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS8AI score0.00197EPSS

Exploits0References1

Patchstack•added 2024/12/11 8:34 p.m.•1 views

WordPress NiceJob plugin <= 3.6.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin NiceJob versions = 3.6.5...

6.5CVSS6.1AI score0.00197EPSS

Exploits0Affected Software1

Patchstack•added 2024/11/26 12:16 a.m.•1 views

WordPress NiceJob plugin <= 3.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin NiceJob versions = 3.7.1...

6.4CVSS5.7AI score0.00253EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/11/26 12:0 a.m.•19 views

WordPress NiceJob Plugin <= 3.7.1 is vulnerable to Cross Site Scripting (XSS)

Software NiceJob Type Plugin Vulnerable versions = 3.7.1 Fixed in 3.7.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10887 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e99b9ef723fc Credits Peter Thaleikis Required...

6.4CVSS5.8AI score0.00253EPSS

Exploits0References3Affected Software1

NVD•added 2024/11/13 2:15 a.m.•9 views

CVE-2024-10887

6.4CVSS0.00253EPSS

Exploits0References7

Vulnrichment•added 2024/11/13 2:2 a.m.•10 views

CVE-2024-10887 NiceJob <= 3.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

The NiceJob plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's shortcodes nicejob-lead, nicejob-review, nicejob-engage, nicejob-badge, nicejob-stories in all versions up to, and including, 3.6.5 due to insufficient input sanitization and output escaping ...

6.4CVSS6AI score0.00253EPSS

Exploits0References6

Cvelist•added 2024/11/13 2:2 a.m.•12 views

CVE-2024-10887 NiceJob <= 3.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4CVSS0.00253EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by