EUVD-2022-33759

Malicious code in bioql PyPI...

EUVD-2022-33761

Malicious code in bioql PyPI...

WordPress plugin Countdown & Clock 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin Countdown

WordPress is a blogging platform developed using the PHP language. WordPress plugin Countdown & Clock 2.3.2 and previous versions have a cross-site scripting vulnerability, which can be exploited by attackers to perform cross-site scripting attacks...

CVE-2022-29423

Pro Features Lock Bypass vulnerability in Countdown & Clock plugin = 2.3.2 at WordPress...

CVE-2022-29422

Multiple Authenticated admin+ Persistent Cross-Site Scripting XSS vulnerabilities in Adam Skaat's Countdown & Clock plugin = 2.3.2 at WordPress via &ycd-countdown-width, &ycd-progress-height, &ycd-progress-width, &ycd-button-margin-top, &ycd-button-margin-right, &ycd-button-margin-bottom,...

Security feature bypass

Pro Features Lock Bypass vulnerability in Countdown & Clock plugin = 2.3.2 at WordPress...

CVE-2022-29423

CVE-2022-29423 affects the WordPress Countdown & Clock plugin (versions prior to or including 2.3.2). The vulnerability is a Pro Features Lock Bypass, allowing high-privilege users to bypass pro-feature restrictions. Public exploitation status isn’t provided in the documents. Remediation guidance...

CVE-2022-29423 WordPress Countdown & Clock plugin <= 2.3.2 - Pro Features Lock Bypass vulnerability

Pro Features Lock Bypass vulnerability in Countdown & Clock plugin = 2.3.2 at WordPress...

CVE-2022-29422

CVE-2022-29422 concerns WordPress plugin Countdown & Clock (

CVE-2022-29422 WordPress Countdown & Clock plugin <= 2.3.2 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities

Multiple Authenticated admin+ Persistent Cross-Site Scripting XSS vulnerabilities in Adam Skaat's Countdown & Clock plugin = 2.3.2 at WordPress via &ycd-countdown-width, &ycd-progress-height, &ycd-progress-width, &ycd-button-margin-top, &ycd-button-margin-right, &ycd-button-margin-bottom,...

CVE-2022-29420

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Adam Skaat Countdown & Clock WordPress plugin countdown-builder allows Stored XSS.This issue affects Countdown & Clock WordPress plugin: from n/a through 2.3.2...

CVE-2022-29421

Reflected Cross-Site Scripting XSS vulnerability in Adam Skaat's Countdown & Clock plugin on WordPress via &ycdtype vulnerable parameter...

CVE-2022-29420 WordPress Countdown & Clock plugin <= 2.3.2 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Adam Skaat Countdown & Clock WordPress plugin countdown-builder allows Stored XSS.This issue affects Countdown & Clock WordPress plugin: from n/a through 2.3.2...

CVE-2022-29420

CVE-2022-29420 affects WordPress plugin Countdown & Clock (countdown-builder) up to version 2.3.2, enabling stored XSS. Root cause described as improper input handling during web page generation. Some sources indicate authenticated/admin-level context may be required for exploitation; others do n...

CVE-2022-29423

Pro Features Lock Bypass vulnerability in Countdown & Clock plugin = 2.3.2 at WordPress...

WordPress Countdown & Clock plugin <= 2.4.7 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities

Multiple Authenticated Persistent Cross-Site Scripting XSS vulnerabilities discovered by Ex.Mi in WordPress Countdown & Clock plugin versions = 2.4.7. Solution No patched version is available...