Lucene search

K
patchstackRasi Afeef (Patchstack Alliance)PATCHSTACK:3255F0C6C88DCA334700CAFF9A82EE1E
HistoryNov 23, 2022 - 12:00 a.m.

WordPress Countdown Widget plugin <= 3.1.9.1 - Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS)

2022-11-2300:00:00
Rasi Afeef (Patchstack Alliance)
patchstack.com
9
wordpress
countdown widget
plugin
csrf
xss
rasi afeef
patchstack alliance
update

0.0004 Low

EPSS

Percentile

9.0%

Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) discovered by Rasi Afeef (Patchstack Alliance) in the WordPress Countdown Widget plugin (versions <= 3.1.9.1).

Solution

           Update the WordPress WordPress Countdown Widget plugin to the latest available version (at least 3.1.9.3).
CPENameOperatorVersion
wordpress countdown widgetle3.1.9.1

0.0004 Low

EPSS

Percentile

9.0%

Related for PATCHSTACK:3255F0C6C88DCA334700CAFF9A82EE1E