Lucene search
K

37 matches found

Cvelist
Cvelist
added 2024/11/13 2:2 a.m.26 views

CVE-2024-10887 NiceJob <= 3.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The NiceJob plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's shortcodes nicejob-lead, nicejob-review, nicejob-engage, nicejob-badge, nicejob-stories in all versions up to, and including, 3.7.1 due to insufficient input sanitization and output escaping ...

6.4CVSS0.00447EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/11/13 12:0 a.m.4 views

WordPress plugin NiceJob 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS7.5AI score0.00447EPSS
Exploits0References7
NVD
NVD
added 2024/10/06 1:15 p.m.17 views

CVE-2024-44028

Cross-Site Request Forgery CSRF vulnerability in nicejob NiceJob nicejob allows Stored XSS.This issue affects NiceJob: from n/a through 3.6.5...

7.1CVSS0.00153EPSS
Exploits0References1
NVD
NVD
added 2024/10/06 1:15 p.m.9 views

CVE-2024-44025

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nicejob NiceJob nicejob allows Stored XSS.This issue affects NiceJob: from n/a through 3.6.5...

6.5CVSS0.00251EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/06 12:44 p.m.11 views

CVE-2024-44025 WordPress NiceJob plugin < 3.6.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nicejob NiceJob nicejob allows Stored XSS.This issue affects NiceJob: from n/a through 3.6.5...

6.5CVSS5.9AI score0.00251EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/06 12:44 p.m.19 views

CVE-2024-44025 WordPress NiceJob plugin < 3.6.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nicejob NiceJob nicejob allows Stored XSS.This issue affects NiceJob: from n/a through 3.6.5...

6.5CVSS0.00251EPSS
Exploits0References1
CVE
CVE
added 2024/10/06 12:44 p.m.37 views

CVE-2024-44025

CVE-2024-44025: WordPress NiceJob plugin is affected by a Stored XSS due to improper input neutralization during web page generation in versions before 3.6.5. Affected: NiceJob WordPress plugin

6.5CVSS5.9AI score0.00251EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/06 12:40 p.m.14 views

CVE-2024-44028 WordPress NiceJob plugin < 3.6.5 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in nicejob NiceJob nicejob allows Stored XSS.This issue affects NiceJob: from n/a through 3.6.5...

7.1CVSS5.2AI score0.00153EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/06 12:40 p.m.19 views

CVE-2024-44028 WordPress NiceJob plugin < 3.6.5 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in nicejob NiceJob nicejob allows Stored XSS.This issue affects NiceJob: from n/a through 3.6.5...

7.1CVSS0.00153EPSS
Exploits0References1
CVE
CVE
added 2024/10/06 12:40 p.m.44 views

CVE-2024-44028

CVE-2024-44028 affects the WordPress NiceJob plugin (NiceJob) prior to 3.6.5. It combines a CSRF flaw with a Stored XSS vulnerability, enabling stored cross-site scripting through unauthenticated CSRF actions. Affected versions:

7.1CVSS5.9AI score0.00153EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/06 12:0 a.m.3 views

WordPress plugin NiceJob 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...

7.1CVSS6.7AI score0.00153EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/06 12:0 a.m.4 views

WordPress plugin NiceJob 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS6.2AI score0.00251EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/06 12:0 a.m.3 views

PT-2024-30891 · Nicejob · Nicejob

Name of the Vulnerable Software and Affected Versions: NiceJob versions prior to 3.6.5 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS on web pages created by NiceJob...

6.5CVSS5.8AI score0.00251EPSS
Exploits0References6
Patchstack
Patchstack
added 2024/09/24 10:20 a.m.4 views

WordPress NiceJob plugin < 3.6.5 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

CSRF to Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin NiceJob versions 3.6.5...

7.1CVSS5.9AI score0.00153EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/09/24 10:8 a.m.3 views

WordPress NiceJob plugin < 3.6.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin NiceJob versions 3.6.5...

6.5CVSS6.1AI score0.00251EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/09/24 12:0 a.m.12 views

WordPress NiceJob Plugin < 3.6.5 is vulnerable to Cross Site Scripting (XSS)

Software NiceJob Type Plugin Vulnerable versions 3.6.5 Fixed in 3.6.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-44025 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID afa3856f254d Credits stealthcopter Required privilege Contributor...

6.5CVSS6.8AI score0.00251EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/09/24 12:0 a.m.11 views

WordPress NiceJob Plugin < 3.6.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software NiceJob Type Plugin Vulnerable versions 3.6.5 Fixed in 3.6.5 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-44028 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ba7b34b9da8d Credits SOPROBRO Required...

7.1CVSS7AI score0.00153EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder