VYPR

Countdown Block

by WordPress

CVEs (1)

  • CVE-2021-24633MedSep 27, 2021
    risk 0.28cvss 4.3epss 0.01

    The Countdown Block WordPress plugin before 1.1.2 does not have authorisation in the eb_write_block_css AJAX action, which allows any authenticated user, such as Subscriber, to modify post contents displayed to users.