Countdown & Clock
by WordPress
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-30841 | Cri | 0.64 | 9.9 | 0.01 | Apr 1, 2025 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in adamskaat Countdown & Clock countdown-builder allows Remote Code Inclusion.This issue affects Countdown & Clock: from n/a through <= 2.8.8. | ||
| CVE-2022-29420 | Med | 0.38 | 5.9 | 0.00 | May 6, 2022 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Adam Skaat Countdown & Clock (WordPress plugin) countdown-builder allows Stored XSS.This issue affects Countdown & Clock (WordPress plugin): from n/a through 2.3.2. | ||
| CVE-2022-29422 | Med | 0.31 | 4.8 | 0.01 | May 6, 2022 | Multiple Authenticated (admin+) Persistent Cross-Site Scripting (XSS) vulnerabilities in Adam Skaat's Countdown & Clock plugin <= 2.3.2 at WordPress via &ycd-countdown-width, &ycd-progress-height, &ycd-progress-width, &ycd-button-margin-top, &ycd-button-margin-right,… | ||
| CVE-2022-29421 | Med | 0.31 | 4.7 | 0.01 | May 6, 2022 | Reflected Cross-Site Scripting (XSS) vulnerability in Adam Skaat's Countdown & Clock plugin on WordPress via &ycd_type vulnerable parameter. | ||
| CVE-2022-29423 | Low | 0.25 | 3.8 | 0.01 | May 6, 2022 | Pro Features Lock Bypass vulnerability in Countdown & Clock plugin <= 2.3.2 at WordPress. |
- risk 0.64cvss 9.9epss 0.01
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in adamskaat Countdown & Clock countdown-builder allows Remote Code Inclusion.This issue affects Countdown & Clock: from n/a through <= 2.8.8.
- risk 0.38cvss 5.9epss 0.00
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Adam Skaat Countdown & Clock (WordPress plugin) countdown-builder allows Stored XSS.This issue affects Countdown & Clock (WordPress plugin): from n/a through 2.3.2.
- risk 0.31cvss 4.8epss 0.01
Multiple Authenticated (admin+) Persistent Cross-Site Scripting (XSS) vulnerabilities in Adam Skaat's Countdown & Clock plugin <= 2.3.2 at WordPress via &ycd-countdown-width, &ycd-progress-height, &ycd-progress-width, &ycd-button-margin-top, &ycd-button-margin-right,…
- risk 0.31cvss 4.7epss 0.01
Reflected Cross-Site Scripting (XSS) vulnerability in Adam Skaat's Countdown & Clock plugin on WordPress via &ycd_type vulnerable parameter.
- risk 0.25cvss 3.8epss 0.01
Pro Features Lock Bypass vulnerability in Countdown & Clock plugin <= 2.3.2 at WordPress.