9 matches found
CVE-2025-12665
The Ninja Countdown | Fastest Countdown Builder plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'ninjacountdownadminajax' AJAX endpoint in all versions up to, and including, 1.5.0. This makes it possible for authenticated attackers, with...
EUVD-2025-60939
The Ninja Countdown | Fastest Countdown Builder plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'ninjacountdownadminajax' AJAX endpoint in all versions up to, and including, 1.5.0. This makes it possible for authenticated attackers, with...
CVE-2025-12665
The Ninja Countdown | Fastest Countdown Builder plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'ninjacountdownadminajax' AJAX endpoint in all versions up to, and including, 1.5.0. This makes it possible for authenticated attackers, with...
CVE-2025-12665
CVE-2025-12665 describes a vulnerability in the WordPress plugin “Ninja Countdown | Fastest Countdown Builder” (versions up to 1.5.0). The issue is a missing capability check on the ninja_countdown_admin_ajax endpoint, enabling authenticated attackers with Subscriber-level access or higher to del...
CVE-2025-12665 Ninja Countdown <= 1.5.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Countdown Deletion
The Ninja Countdown | Fastest Countdown Builder plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'ninjacountdownadminajax' AJAX endpoint in all versions up to, and including, 1.5.0. This makes it possible for authenticated attackers, with...
CVE-2025-12665 Ninja Countdown <= 1.5.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Countdown Deletion
The Ninja Countdown | Fastest Countdown Builder plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'ninjacountdownadminajax' AJAX endpoint in all versions up to, and including, 1.5.0. This makes it possible for authenticated attackers, with...
WordPress plugin Ninja Countdown | Fastest Countdown Builder 安全漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blogging sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...
PT-2025-46289
Name of the Vulnerable Software and Affected Versions Ninja Countdown | Fastest Countdown Builder plugin for WordPress versions through 1.5.0 Description The plugin is susceptible to unauthorized data loss because of a missing capability check on the 'ninja countdown admin ajax' API endpoint...
WordPress Ninja Countdown plugin <= 1.5.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Countdown Deletion vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Countdown Deletion vulnerability discovered by Ivan Cese in WordPress Plugin Ninja Countdown versions = 1.5.0...