Lucene search

Count Per Day Project Security Vulnerabilities

cve

CVE-2012-0896

Absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to read arbitrary files via the f parameter.

9.2AI Score

0.018EPSS

2012-01-20 05:55 PM

cve

CVE-2012-6714

The count-per-day plugin before 3.2.3 for WordPress has XSS via search words.

6.1CVSS

6AI Score

0.001EPSS

2019-08-21 07:15 PM

cve

CVE-2013-7472

The "Count per Day" plugin before 3.2.6 for WordPress allows XSS via the wp-admin/?page=cpd_metaboxes daytoshow parameter.

6.1CVSS

6AI Score

0.001EPSS

2019-06-15 11:29 PM

150

cve

CVE-2015-5533

SQL injection vulnerability in counter-options.php in the Count Per Day plugin before 3.4.1 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the cpd_keep_month parameter to wp-admin/options-general.php. NOTE: this can be leveraged using CSRF to allow re...

7.2CVSS

7.2AI Score

0.002EPSS

2017-10-23 06:29 PM