CVE-2023-47533

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in wpdevart Countdown and CountUp, WooCommerce Sales Timer plugin = 1.8.2 versions...

WordPress Plugin Countdown and CountUp, WooCommerce Sales Timer Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVE-2021-34636

The Countdown and CountUp, WooCommerce Sales Timers WordPress plugin is vulnerable to Cross-Site Request Forgery via the savetheme function found in the /includes/admin/coundownthemepage.php file due to a missing nonce check which allows attackers to inject arbitrary web scripts, in versions up t...

CVE-2021-34636

The Countdown and CountUp, WooCommerce Sales Timers WordPress plugin is vulnerable to Cross-Site Request Forgery via the savetheme function found in the /includes/admin/coundownthemepage.php file due to a missing nonce check which allows attackers to inject arbitrary web scripts, in versions up t...

CVE-2021-34636 Countdown and CountUp, WooCommerce Sales Timer <= 1.5.7 Cross-Site Request Forgery to Stored Cross-Site Scripting

The Countdown and CountUp, WooCommerce Sales Timers WordPress plugin is vulnerable to Cross-Site Request Forgery via the savetheme function found in the /includes/admin/coundownthemepage.php file due to a missing nonce check which allows attackers to inject arbitrary web scripts, in versions up t...