CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

154 matches found

CVE•added 2025/02/25 2:17 p.m.•53 views

CVE-2025-26938

CVE-2025-26938 is a stored XSS in the Countdown Timer block for WordPress (Countdown Timer plugin). It affects version 1.2.6 and earlier (Authenticated: Contributor+). The issue arises during countdown display, allowing input neutralization failures in the block’s rendering. A patch exists in 1.2...

6.5CVSS7.2AI score0.00252EPSS

Exploits0References1

Vulnrichment•added 2025/02/25 2:17 p.m.•3 views

CVE-2025-26938 WordPress Countdown Timer block plugin <= 1.2.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins Countdown Timer countdown-time allows Stored XSS.This issue affects Countdown Timer: from n/a through = 1.2.6...

6.5CVSS8.6AI score0.00252EPSS

Exploits0References1

Cvelist•added 2025/02/25 2:17 p.m.•11 views

CVE-2025-26938 WordPress Countdown Timer block plugin <= 1.2.6 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00252EPSS

Exploits0References1

CNNVD•added 2025/02/25 12:0 a.m.•1 views

WordPress plugin Countdown Timer 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

6.5CVSS8.3AI score0.00252EPSS

Exploits0References3

Positive Technologies•added 2025/02/25 12:0 a.m.•2 views

PT-2025-7856 · Unknown · Bplugins Countdown Timer

Name of the Vulnerable Software and Affected Versions: bPlugins Countdown Timer versions 1.2.6 and earlier Description: The issue is related to improper neutralization of input during web page generation, which leads to a Cross-site Scripting XSS vulnerability. This allows for Stored XSS attacks...

6.5CVSS8.4AI score0.00252EPSS

Exploits0References4

Patchstack•added 2025/02/23 2:33 p.m.•3 views

WordPress Countdown Timer block plugin <= 1.2.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Logan Cote Patchstack Alliance in WordPress Plugin Countdown Timer versions = 1.2.6...

6.5CVSS6.1AI score0.00252EPSS

Exploits0Affected Software1

ATTACKERKB•added 2025/01/16 8:15 p.m.•2 views

CVE-2025-23699

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in techmix Event Countdown Timer Plugin by TechMix event-countdown-timer allows Reflected XSS.This issue affects Event Countdown Timer Plugin by TechMix: from n/a through = 1.4...

7.1CVSS7.2AI score0.00305EPSS

Exploits0References3

NVD•added 2025/01/16 8:15 p.m.•10 views

CVE-2025-23699

7.1CVSS0.00305EPSS

Exploits0References1

Cvelist•added 2025/01/16 8:6 p.m.•14 views

CVE-2025-23699 WordPress Event Countdown Timer Plugin by TechMix plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS0.00305EPSS

Exploits0References1

CVE•added 2025/01/16 8:6 p.m.•54 views

CVE-2025-23699

CVE-2025-23699 — Reflected XSS in TechMix Event Countdown Timer Plugin for WordPress (Event Countdown Timer by TechMix). Affected: Plugin versions up to 1.4 (and possibly n/a), vulnerable code path during web page generation allowing Reflected XSS. CVSS v3.1: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L; ...

7.1CVSS7.2AI score0.00305EPSS

Exploits0References1

Vulnrichment•added 2025/01/16 8:6 p.m.•12 views

CVE-2025-23699 WordPress Event Countdown Timer Plugin by TechMix plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TechMix Event Countdown Timer Plugin by TechMix allows Reflected XSS.This issue affects Event Countdown Timer Plugin by TechMix: from n/a through 1.4...

7.1CVSS7.1AI score0.00305EPSS

Exploits0References1

Patchstack•added 2025/01/16 6:42 p.m.•4 views

WordPress Event Countdown Timer Plugin by TechMix plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Muhamad Agil Fachrian in WordPress Plugin Event Countdown Timer Plugin by TechMix versions = 1.4...

7.1CVSS6.1AI score0.00305EPSS

Exploits0Affected Software1

CNNVD•added 2025/01/16 12:0 a.m.•3 views

WordPress plugin Event Countdown Timer Plugin by TechMix 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in the WordPres...

7.1CVSS7.6AI score0.00305EPSS

Exploits0References1

NVD•added 2024/12/01 10:15 p.m.•13 views

CVE-2024-53743

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aezaz Shaikh Countdown Timer for Elementor countdown-timer-for-elementor allows Stored XSS.This issue affects Countdown Timer for Elementor: from n/a through = 1.3.6...

6.5CVSS0.00225EPSS

Exploits0References1

Cvelist•added 2024/12/01 9:29 p.m.•25 views

CVE-2024-53743 WordPress Countdown Timer for Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00225EPSS

Exploits0References1

CVE•added 2024/12/01 9:29 p.m.•45 views

CVE-2024-53743

CVE-2024-53743 describes a stored Cross-Site Scripting (XSS) flaw in the WordPress plugin Countdown Timer for Elementor (FlickDevs) affecting versions up to 1.3.6. The issue originates from improper neutralization of input during web page generation, enabling stored XSS. Public records indicate a...

6.5CVSS7.2AI score0.00225EPSS

Exploits0References1

Vulnrichment•added 2024/12/01 9:29 p.m.•11 views

CVE-2024-53743 WordPress Countdown Timer for Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability

6.5CVSS8.6AI score0.00225EPSS

Exploits0References1

CNNVD•added 2024/12/01 12:0 a.m.•2 views

WordPress plugin Countdown Timer for Elementor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS8.1AI score0.00225EPSS

Exploits0References1

Positive Technologies•added 2024/12/01 12:0 a.m.•2 views

PT-2024-35852 · Flickdevs · Flickdevs Countdown Timer For Elementor

Name of the Vulnerable Software and Affected Versions: FlickDevs Countdown Timer for Elementor versions 1.3.6 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows stored Cross-site Scripting XSS. This enables attackers to injec...

6.5CVSS8.9AI score0.00225EPSS

Exploits0References6

Patchstack•added 2024/11/28 11:48 a.m.•3 views

WordPress Countdown Timer for Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Countdown Timer for Elementor versions = 1.3.6...

6.5CVSS6.1AI score0.00225EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by