154 matches found
EUVD-2025-60934
The WP Count Down Timer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters of the 'wpcountdowntimer' shortcode in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-12668
CVE-2025-12668 affects the WordPress plugin WP Count Down Timer for WordPress, specifically versions up to and including 1.0.1. The vulnerability is a Stored Cross-Site Scripting (Stored XSS) exploitable through multiple parameters of the shortcode wp_countdown_timer, caused by insufficient input...
CVE-2025-12668 WP Count Down Timer <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The WP Count Down Timer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters of the 'wpcountdowntimer' shortcode in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-12668 WP Count Down Timer <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The WP Count Down Timer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters of the 'wpcountdowntimer' shortcode in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
PT-2025-46291
Name of the Vulnerable Software and Affected Versions WP Count Down Timer plugin for WordPress versions up to and including 1.0.1 Description The WP Count Down Timer plugin for WordPress is susceptible to Stored Cross-Site Scripting through multiple parameters of the wp countdown timer shortcode...
CVE-2025-52736
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Daman Jeet Finale Lite finale-woocommerce-sales-countdown-timer-discount allows Reflected XSS.This issue affects Finale Lite: from n/a through = 2.20.0...
CVE-2025-49908
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPClever WPC Countdown Timer for WooCommerce wpc-countdown-timer allows Stored XSS.This issue affects WPC Countdown Timer for WooCommerce: from n/a through = 3.1.4...
EUVD-2025-35494
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Daman Jeet Finale Lite finale-woocommerce-sales-countdown-timer-discount allows Reflected XSS.This issue affects Finale Lite: from n/a through = 2.20.0...
EUVD-2025-35546
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPClever WPC Countdown Timer for WooCommerce wpc-countdown-timer allows Stored XSS.This issue affects WPC Countdown Timer for WooCommerce: from n/a through = 3.1.4...
CVE-2025-52736
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Daman Jeet Finale Lite finale-woocommerce-sales-countdown-timer-discount allows Reflected XSS.This issue affects Finale Lite: from n/a through = 2.20.0...
CVE-2025-49908
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPClever WPC Countdown Timer for WooCommerce wpc-countdown-timer allows Stored XSS.This issue affects WPC Countdown Timer for WooCommerce: from n/a through = 3.1.4...
CVE-2025-49908 WordPress WPC Countdown Timer for WooCommerce plugin <= 3.1.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPClever WPC Countdown Timer for WooCommerce wpc-countdown-timer allows Stored XSS.This issue affects WPC Countdown Timer for WooCommerce: from n/a through = 3.1.4...
CVE-2025-49908
CVE-2025-49908 affects WPClever WPC Countdown Timer for WooCommerce (plugin: wpc-countdown-timer). Versions up to and including 3.1.4 suffer from improper input neutralization during web page generation, enabling Stored Cross-Site Scripting (XSS). Impact per the sources is stored XSS impacting us...
CVE-2025-49908 WordPress WPC Countdown Timer for WooCommerce plugin <= 3.1.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPClever WPC Countdown Timer for WooCommerce wpc-countdown-timer allows Stored XSS.This issue affects WPC Countdown Timer for WooCommerce: from n/a through = 3.1.4...
WordPress plugin WPC Countdown Timer for WooCommerce 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-43176
Name of the Vulnerable Software and Affected Versions WPClever WPC Countdown Timer for WooCommerce versions through 3.1.4 Description The WPC Countdown Timer for WooCommerce software contains a flaw due to improper neutralization of input during web page generation, which allows for Stored...
WordPress WPC Countdown Timer for WooCommerce plugin <= 3.1.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin WPC Countdown Timer for WooCommerce versions = 3.1.4...
EUVD-2020-24003
Malware in sbrugna...
EUVD-2025-3355
Malicious code in bioql PyPI...
EUVD-2024-52075
Malicious code in bioql PyPI...