Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

53 matches found

NVD
NVDadded 2026/06/17 1:19 p.m.7 views

CVE-2026-12115

The Counter Box – Add Countdowns, Timers & Dynamic Counters to WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.0.13 via deserialization of untrusted input . This makes it possible for authenticated attackers, with administrator-level...

6.6CVSS0.00535EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/06/17 9:30 a.m.29 views

CVE-2026-12115 Counter Box <= 2.0.13 - Authenticated (Administrator+) PHP Object Injection via Import

The Counter Box – Add Countdowns, Timers & Dynamic Counters to WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.0.13 via deserialization of untrusted input . This makes it possible for authenticated attackers, with administrator-level...

6.6CVSS0.00535EPSS
Exploits0References6
CVE
CVEadded 2026/06/17 9:30 a.m.15 views

CVE-2026-12115

The vulnerability CVE-2026-12115 affects the WordPress plugin Counter Box (versions up to 2.0.13). It allows PHP Object Injection via deserialization of untrusted input and requires authenticated access at Administrator+ level. Deserialization occurs automatically during the post-import redirect ...

6.6CVSS6AI score0.00535EPSS
Exploits0References6
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2025-3907

Malicious code in bioql PyPI...

5.4CVSS8.9AI score0.00202EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2022-33784

Malicious code in bioql PyPI...

7.2CVSS7AI score0.00979EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2022-34523

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.00443EPSS
Exploits2References1
RedhatCVE
RedhatCVEadded 2025/05/23 11:39 a.m.17 views

CVE-2025-24715

Cross-Site Request Forgery CSRF vulnerability in Wow-Company Counter Box counter-box allows Cross Site Request Forgery.This issue affects Counter Box: from n/a through = 2.0.5...

5.4CVSS7.2AI score0.00202EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 11:48 p.m.5 views

CVE-2022-2245

The Counter Box WordPress plugin before 1.2.1 is lacking CSRF check when activating and deactivating counters, which could allow attackers to make a logged in admin perform such actions via CSRF attacks...

8.8CVSS6.8AI score0.00443EPSS
Exploits2References1
Vulnrichment
Vulnrichmentadded 2025/03/01 5:30 a.m.5 views

CVE-2024-13901 Counter Box: Add Engaging Countdowns, Timers & Counters to Your WordPress Site <= 2.0.6 - Authenticated (Administrator+) DOM-Based Stored Cross-Site Scripting

The Counter Box: Add Engaging Countdowns, Timers & Counters to Your WordPress Site plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘content’ parameter in all versions up to, and including, 2.0.6 due to insufficient input sanitization and output escaping. This...

4.4CVSS4.3AI score0.00265EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/03/01 5:30 a.m.11 views

CVE-2024-13901 Counter Box: Add Engaging Countdowns, Timers & Counters to Your WordPress Site <= 2.0.6 - Authenticated (Administrator+) DOM-Based Stored Cross-Site Scripting

The Counter Box: Add Engaging Countdowns, Timers & Counters to Your WordPress Site plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘content’ parameter in all versions up to, and including, 2.0.6 due to insufficient input sanitization and output escaping. This...

4.4CVSS0.00265EPSS
Exploits0References3
CNNVD
CNNVDadded 2025/03/01 12:0 a.m.3 views

WordPress plugin Counter Box 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

4.8CVSS7.5AI score0.00265EPSS
Exploits0References5
Patchstack
Patchstackadded 2025/02/28 10:58 p.m.4 views

WordPress Counter Box plugin <= 2.0.6 - Authenticated (Administrator+) DOM-Based Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Nguyen Khanh Hao in WordPress Plugin Counter Box versions = 2.0.6...

4.8CVSS5.7AI score0.00265EPSS
Exploits0References1Affected Software1
NVD
NVDadded 2025/01/24 6:15 p.m.23 views

CVE-2025-24715

Cross-Site Request Forgery CSRF vulnerability in Wow-Company Counter Box counter-box allows Cross Site Request Forgery.This issue affects Counter Box: from n/a through = 2.0.5...

5.4CVSS0.00202EPSS
Exploits0References1
OSV
OSVadded 2025/01/24 6:15 p.m.3 views

CVE-2025-24715

Cross-Site Request Forgery CSRF vulnerability in Wow-Company Counter Box allows Cross Site Request Forgery. This issue affects Counter Box: from n/a through 2.0.5...

5.4CVSS5.8AI score0.00202EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/01/24 5:25 p.m.31 views

CVE-2025-24715 WordPress Counter Box Plugin <= 2.0.5 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in Wow-Company Counter Box counter-box allows Cross Site Request Forgery.This issue affects Counter Box: from n/a through = 2.0.5...

5.4CVSS0.00202EPSS
Exploits0References1
CVE
CVEadded 2025/01/24 5:25 p.m.69 views

CVE-2025-24715

CVE-2025-24715 pertains to the WordPress Counter Box plugin. A CSRF in Counter Box (versions

5.4CVSS7.2AI score0.00202EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2025/01/24 5:25 p.m.13 views

CVE-2025-24715 WordPress Counter Box Plugin <= 2.0.5 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in Wow-Company Counter Box counter-box allows Cross Site Request Forgery.This issue affects Counter Box: from n/a through = 2.0.5...

5.4CVSS7.2AI score0.00202EPSS
Exploits0References1
Patchstack
Patchstackadded 2025/01/24 11:47 a.m.3 views

WordPress Counter Box Plugin <= 2.0.5 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross Site Request Forgery CSRF to Settings Change vulnerability discovered by Khang Duong in WordPress Plugin Counter Box versions = 2.0.5...

5.4CVSS6.9AI score0.00202EPSS
Exploits0Affected Software1
CNNVD
CNNVDadded 2025/01/24 12:0 a.m.6 views

WordPress plugin Counter Box 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...

5.4CVSS8.5AI score0.00202EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/01/24 12:0 a.m.5 views

PT-2025-5529 · Wow Company · Counter Box

Name of the Vulnerable Software and Affected Versions: Wow-Company Counter Box versions 2.0.5 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's behalf. Recommendations: For versions 2.0.5 and...

5.4CVSS9.2AI score0.00202EPSS
Exploits0References5
Rows per page
Query Builder