Browse all 4 CVE security advisories affecting nicejob. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Nicejob operates as a recruitment platform connecting job seekers with employers through its application tracking system. Historically, the service has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its four recorded CVEs. These weaknesses often stem from insufficient input validation and improper access controls in its web interface. While no major public security incidents have been documented, the consistent pattern of vulnerabilities suggests potential risks for user data exposure and unauthorized system access, particularly affecting candidate information and employer recruitment data.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-54318 | WordPress NiceJob plugin <= 3.6.5 - Cross Site Scripting (XSS) vulnerability — NiceJobCWE-79 | 6.5 | Medium | 2024-12-13 |
| CVE-2024-10887 | NiceJob <= 3.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — NiceJobCWE-79 | 6.4 | Medium | 2024-11-13 |
| CVE-2024-44025 | WordPress NiceJob plugin < 3.6.5 - Cross Site Scripting (XSS) vulnerability — NiceJobCWE-79 | 6.5 | Medium | 2024-10-06 |
| CVE-2024-44028 | WordPress NiceJob plugin < 3.6.5 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — NiceJobCWE-352 | 7.1 | High | 2024-10-06 |
This page lists every published CVE security advisory associated with nicejob. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.