Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nicdark nd shortcodes vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-1273
The ND Shortcodes WordPress plugin prior to 7.0 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as subscriber to perform LFI attacks
Nicdark Nd Shortcodes
1 Github repository
5.4
CVSSv3
CVE-2022-4623
The ND Shortcodes WordPress plugin prior to 7.0 does not validate and escape numerous of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scri...
Nicdark Nd Shortcodes
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started