Known Vulnerabilities for products from Nicdark
Listed below are 8 of the newest known vulnerabilities associated with the vendor "Nicdark".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-63001 json | Not Provided | 2025-12-31 | 2026-04-01 | |
| CVE-2025-53259 json | Not Provided | 2025-06-27 | 2026-04-01 | |
| CVE-2025-47498 json | Not Provided | 2025-05-07 | 2026-04-01 | |
| CVE-2025-39526 json | Not Provided | 2025-04-17 | 2026-04-01 | |
| CVE-2024-5220 json | The ND Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's upload feature in all ve... | Not Provided | 2024-05-25 | 2026-04-08 |
| CVE-2023-1273 json | The ND Shortcodes WordPress plugin before 7.0 does not validate some shortcode attributes before using them to generate paths... | 8.8 - HIGH | 2023-07-04 | 2023-11-07 |
| CVE-2023-1155 json | The Cost Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the nd_cc_meta_box_cc_price_icon pa... | Not Provided | 2023-03-02 | 2026-04-08 |
| CVE-2023-0165 json | The Cost Calculator WordPress plugin through 1.8 does not validate and escape some of its shortcode attributes before outputt... | 5.4 - MEDIUM | 2023-03-06 | 2023-11-07 |
| CVE-2022-29443 json | Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Nicdark's Hotel... | 5.4 - MEDIUM | 2022-06-15 | 2022-06-24 |
| CVE-2022-27859 json | Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Nicdark d.o.o. ... | 5.4 - MEDIUM | 2022-06-15 | 2022-06-23 |
| CVE-2022-4623 json | The ND Shortcodes WordPress plugin before 7.0 does not validate and escape numerous of its shortcode attributes before output... | 5.4 - MEDIUM | 2023-07-04 | 2023-11-07 |
| CVE-2021-24821 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.4 - MEDIUM | 2022-03-07 | 2022-03-11 |