WordPress Widget Countdown plugin <= 2.7.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Widget Countdown versions = 2.7.7...

EUVD-2025-13866

Malicious code in bioql PyPI...

EUVD-2025-3911

Malicious code in bioql PyPI...

CVE-2025-24719

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdevart Widget Countdown widget-countdown allows Stored XSS.This issue affects Widget Countdown: from n/a through = 2.7.1...

CVE-2025-47443

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdevart Widget Countdown widget-countdown allows Stored XSS.This issue affects Widget Countdown: from n/a through = 2.7.4...

CVE-2025-47443

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdevart Widget Countdown widget-countdown allows Stored XSS.This issue affects Widget Countdown: from n/a through = 2.7.4...

CVE-2025-47443

CVE-2025-47443 is a stored XSS in WordPress Widget Countdown (Widget Countdown plugin) that affects versions n/a through 2.7.4. The issue stems from improper neutralization of input during web page generation. The vulnerability has been assessed with a Medium score (CVSS 3.1: 6.5) and is noted as...

CVE-2025-47443 WordPress Widget Countdown plugin <= 2.7.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdevart Widget Countdown widget-countdown allows Stored XSS.This issue affects Widget Countdown: from n/a through = 2.7.4...

CVE-2025-47443 WordPress Widget Countdown <= 2.7.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdevart Widget Countdown allows Stored XSS. This issue affects Widget Countdown: from n/a through 2.7.4...

PT-2025-20081 · WordPress · Wpdevart Widget Countdown

Name of the Vulnerable Software and Affected Versions: wpdevart Widget Countdown versions n/a through 2.7.4 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker ca...

WordPress plugin Widget Countdown 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2025-1456

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the widgetGrid, widgetCountDown, and widgetInstagramFeed methods in all versions up to, and including, 1.7.1012 due to insufficient input sanitization and output escaping. This makes it...

CVE-2025-24719

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdevart Widget Countdown widget-countdown allows Stored XSS.This issue affects Widget Countdown: from n/a through = 2.7.1...

CVE-2025-24719 WordPress Widget Countdown plugin <= 2.7.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdevart Widget Countdown widget-countdown allows Stored XSS.This issue affects Widget Countdown: from n/a through = 2.7.1...

CVE-2025-24719

CVE-2025-24719 refers to a Stored XSS vulnerability in the WordPress plugin Widget Countdown (wpdevart) affecting versions up to 2.7.1. The issue is due to improper input neutralization during web page generation. The documented CVSS v3.1 base score is 6.5 (Medium) with network attack vector, req...

WordPress Widget Countdown plugin <= 2.7.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin Widget Countdown versions = 2.7.1...

PT-2025-5533 · Wpdevart · Wpdevart Widget Countdown

Name of the Vulnerable Software and Affected Versions: wpdevart Widget Countdown versions n/a through 2.7.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker ca...

WordPress plugin Widget Countdown 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...