CVE-2016-10900

The uji-countdown plugin before 2.0.7 for WordPress has XSS...

EUVD-2016-1894

Malware in sbrugna...

EUVD-2022-43177

Malicious code in bioql PyPI...

CVE-2022-3837

The Uji Countdown WordPress plugin before 2.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-3837

The Uji Countdown WordPress plugin before 2.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

Uji Countdown <= 2.2 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. 1. In the settings of the plugin add the payload ...

CVE-2016-10900

The uji-countdown plugin before 2.0.7 for WordPress has XSS...

CVE-2016-10900

The uji-countdown plugin before 2.0.7 for WordPress has XSS...

WordPress Uji Countdown Plugin <= 2.0.6 - Cross-Site Scripting (XSS)

Because of this vulnerability, attackers can steal Administrators' session tokens, or perform arbitrary actions. Solution Update the plugin...