Vulnerabilities (CVE)

Filtered by vendor Count Per Day Project Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-6714 1 Count Per Day Project 1 Count Per Day 2024-02-04 4.3 MEDIUM 6.1 MEDIUM
The count-per-day plugin before 3.2.3 for WordPress has XSS via search words.
CVE-2013-7472 1 Count Per Day Project 1 Count Per Day 2024-02-04 4.3 MEDIUM 6.1 MEDIUM
The "Count per Day" plugin before 3.2.6 for WordPress allows XSS via the wp-admin/?page=cpd_metaboxes daytoshow parameter.
CVE-2015-5533 1 Count Per Day Project 1 Count Per Day 2024-02-04 6.5 MEDIUM 7.2 HIGH
SQL injection vulnerability in counter-options.php in the Count Per Day plugin before 3.4.1 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the cpd_keep_month parameter to wp-admin/options-general.php. NOTE: this can be leveraged using CSRF to allow remote attackers to execute arbitrary SQL commands.
CVE-2012-0896 3 Count Per Day Project, Tom Braider, Wordpress 3 Count Per Day, Count Per Day, Wordpress 2024-02-04 5.0 MEDIUM N/A
Absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to read arbitrary files via the f parameter.