Post Pay Counter
by WordPress
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-18583 | Cri | 0.64 | 9.8 | 0.02 | Aug 22, 2019 | The post-pay-counter plugin before 2.731 for WordPress has PHP Object Injection. | ||
| CVE-2017-18584 | Hig | 0.49 | 7.5 | 0.01 | Aug 22, 2019 | The post-pay-counter plugin before 2.731 for WordPress has no permissions check for an update-settinga action. | ||
| CVE-2023-47673 | Hig | 0.46 | 7.1 | 0.00 | Nov 14, 2023 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Stefano Ottolenghi Post Pay Counter plugin <= 2.784 versions. |
- risk 0.64cvss 9.8epss 0.02
The post-pay-counter plugin before 2.731 for WordPress has PHP Object Injection.
- risk 0.49cvss 7.5epss 0.01
The post-pay-counter plugin before 2.731 for WordPress has no permissions check for an update-settinga action.
- risk 0.46cvss 7.1epss 0.00
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Stefano Ottolenghi Post Pay Counter plugin <= 2.784 versions.