VYPR

Count Per Day

by WordPress

Source repositories

CVEs (6)

  • CVE-2015-5533HigOct 23, 2017
    risk 0.43cvss 7.2epss 0.07

    SQL injection vulnerability in counter-options.php in the Count Per Day plugin before 3.4.1 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the cpd_keep_month parameter to wp-admin/options-general.php. NOTE: this can be leveraged…

  • CVE-2012-6714Aug 21, 2019
    risk 0.00cvss epss 0.01

    The count-per-day plugin before 3.2.3 for WordPress has XSS via search words.

  • CVE-2013-7472Jun 15, 2019
    risk 0.00cvss epss 0.01

    The "Count per Day" plugin before 3.2.6 for WordPress allows XSS via the wp-admin/?page=cpd_metaboxes daytoshow parameter.

  • CVE-2012-3434Aug 15, 2012
    risk 0.00cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in userperspan.php in the Count Per Day module before 3.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) page, (2) datemin, or (3) datemax parameter.

  • CVE-2012-0896Jan 20, 2012
    risk 0.00cvss epss 0.25

    Absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to read arbitrary files via the f parameter.

  • CVE-2012-0895Jan 20, 2012
    risk 0.00cvss epss 0.06

    Cross-site scripting (XSS) vulnerability in map/map.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the map parameter.