VYPR

Countdown, Coming Soon, Maintenance

by WordPress

CVEs (3)

  • CVE-2025-2270HigApr 4, 2025
    risk 0.53cvss 8.1epss 0.01

    The Countdown, Coming Soon, Maintenance – Countdown & Clock plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.9.1 via the createCdObj function. This makes it possible for unauthenticated attackers to include and execute files…

  • CVE-2022-0601MedMar 14, 2022
    risk 0.40cvss 6.1epss 0.01

    The Countdown, Coming Soon, Maintenance WordPress plugin before 2.2.9 does not sanitize and escape the post parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.

  • CVE-2024-2017MedJun 6, 2024
    risk 0.35cvss 5.4epss 0.00

    The Countdown, Coming Soon, Maintenance – Countdown & Clock plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the conditionsRow and switchCountdown functions in all versions up to, and including, 2.7.8. This makes it possible for…