Unrated severityNVD Advisory· Published Jan 20, 2012· Updated Apr 29, 2026
CVE-2012-0896
CVE-2012-0896
Description
Absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to read arbitrary files via the f parameter.
Affected products
6cpe:2.3:a:count_per_day_project:count_per_day:2.15:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:count_per_day_project:count_per_day:2.15:*:*:*:*:*:*:*
- cpe:2.3:a:count_per_day_project:count_per_day:2.15.1:*:*:*:*:*:*:*
- cpe:2.3:a:count_per_day_project:count_per_day:2.16:*:*:*:*:*:*:*
- cpe:2.3:a:count_per_day_project:count_per_day:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:tom_braider:count_per_day:*:*:*:*:*:*:*:*range: <=3.1
- cpe:2.3:a:tom_braider:count_per_day:1.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- osvdb.org/78270nvdExploit
- packetstormsecurity.org/files/108631/countperday-downloadxss.txtnvdExploit
- www.exploit-db.com/exploits/18355nvdExploit
- secunia.com/advisories/47529nvdVendor Advisory
- plugins.trac.wordpress.org/changeset/488883/count-per-daynvd
- wordpress.org/extend/plugins/count-per-day/changelog/nvd
- www.securityfocus.com/bid/51402nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/72385nvd
News mentions
0No linked articles in our index yet.