CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-Site Request Forgery CSRF vulnerability in Wow-Company Counter Box counter-box allows Cross Site Request Forgery.This issue affects Counter Box: from n/a through = 2.0.5...

5.4CVSS7.2AI score0.0011EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 11:48 p.m.•5 views

CVE-2022-2245

The Counter Box WordPress plugin before 1.2.1 is lacking CSRF check when activating and deactivating counters, which could allow attackers to make a logged in admin perform such actions via CSRF attacks...

8.8CVSS6.8AI score0.0016EPSS

Exploits2References1

Cvelist•added 2025/03/01 5:30 a.m.•9 views

CVE-2024-13901 Counter Box: Add Engaging Countdowns, Timers & Counters to Your WordPress Site <= 2.0.6 - Authenticated (Administrator+) DOM-Based Stored Cross-Site Scripting

The Counter Box: Add Engaging Countdowns, Timers & Counters to Your WordPress Site plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘content’ parameter in all versions up to, and including, 2.0.6 due to insufficient input sanitization and output escaping. This...

4.4CVSS0.00162EPSS

Exploits0References3

Vulnrichment•added 2025/03/01 5:30 a.m.•5 views

CVE-2024-13901 Counter Box: Add Engaging Countdowns, Timers & Counters to Your WordPress Site <= 2.0.6 - Authenticated (Administrator+) DOM-Based Stored Cross-Site Scripting

4.4CVSS4.3AI score0.00162EPSS

Exploits0References3

CNNVD•added 2025/03/01 12:0 a.m.•2 views

WordPress plugin Counter Box 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

4.8CVSS7.5AI score0.00162EPSS

Exploits0References5

Patchstack•added 2025/02/28 10:58 p.m.•2 views

WordPress Counter Box plugin <= 2.0.6 - Authenticated (Administrator+) DOM-Based Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Nguyen Khanh Hao in WordPress Plugin Counter Box versions = 2.0.6...

4.8CVSS5.7AI score0.00162EPSS

Exploits0References1Affected Software1

NVD•added 2025/01/24 6:15 p.m.•13 views

CVE-2025-24715

Cross-Site Request Forgery CSRF vulnerability in Wow-Company Counter Box counter-box allows Cross Site Request Forgery.This issue affects Counter Box: from n/a through = 2.0.5...

5.4CVSS0.0011EPSS

Exploits0References1

OSV•added 2025/01/24 6:15 p.m.•0 views

CVE-2025-24715

Cross-Site Request Forgery CSRF vulnerability in Wow-Company Counter Box allows Cross Site Request Forgery. This issue affects Counter Box: from n/a through 2.0.5...

5.4CVSS5.8AI score0.0011EPSS

Exploits0References1

Cvelist•added 2025/01/24 5:25 p.m.•15 views

CVE-2025-24715 WordPress Counter Box Plugin <= 2.0.5 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in Wow-Company Counter Box counter-box allows Cross Site Request Forgery.This issue affects Counter Box: from n/a through = 2.0.5...

5.4CVSS0.0011EPSS

Exploits0References1

Vulnrichment•added 2025/01/24 5:25 p.m.•11 views

CVE-2025-24715 WordPress Counter Box Plugin <= 2.0.5 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in Wow-Company Counter Box counter-box allows Cross Site Request Forgery.This issue affects Counter Box: from n/a through = 2.0.5...

5.4CVSS7.2AI score0.0011EPSS

Exploits0References1

CVE•added 2025/01/24 5:25 p.m.•57 views

CVE-2025-24715

CVE-2025-24715 pertains to the WordPress Counter Box plugin. A CSRF in Counter Box (versions

5.4CVSS7.2AI score0.0011EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/01/24 11:47 a.m.•2 views

WordPress Counter Box Plugin <= 2.0.5 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross Site Request Forgery CSRF to Settings Change vulnerability discovered by Khang Duong in WordPress Plugin Counter Box versions = 2.0.5...

5.4CVSS6.9AI score0.0011EPSS

Exploits0Affected Software1

Positive Technologies•added 2025/01/24 12:0 a.m.•2 views

PT-2025-5529 · Wow Company · Counter Box

Name of the Vulnerable Software and Affected Versions: Wow-Company Counter Box versions 2.0.5 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's behalf. Recommendations: For versions 2.0.5 and...

5.4CVSS9.2AI score0.0011EPSS

Exploits0References5

CNNVD•added 2025/01/24 12:0 a.m.•1 views

WordPress plugin Counter Box 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...

5.4CVSS8.5AI score0.0011EPSS

Exploits0References2

Patchstack•added 2024/05/02 6:48 a.m.•2 views

WordPress Counter Box plugin < 1.2.4 - Counter Deletion via CSRF vulnerability

Counter Deletion via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin Counter Box versions 1.2.4...

5.2CVSS7AI score0.0016EPSS

Exploits2References1Affected Software1

NVD•added 2024/05/02 6:15 a.m.•15 views

CVE-2024-3481

The Counter Box WordPress plugin before 1.2.4 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such deleting counters via CSRF attacks...

5.2CVSS6.5AI score0.0016EPSS

Exploits2References1

OSV•added 2024/05/02 6:15 a.m.•1 views

CVE-2024-3481

5.2CVSS5.8AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by