CPE Details
Count Per Day Project Count Per Day 3.2.4 for WordPress
3.2.4
2019-06-17
12h14 +00:00
12h14 +00:00
2019-06-17
12h14 +00:00
12h14 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:count_per_day_project:count_per_day:3.2.4:*:*:*:*:wordpress:*:*
Informations
Vendor
count_per_day_projectProduct
count_per_dayVersion
3.2.4Target Software
wordpressRelated CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| The "Count per Day" plugin before 3.2.6 for WordPress allows XSS via the wp-admin/?page=cpd_metaboxes daytoshow parameter. | 6.1 |
Medium |
||
| SQL injection vulnerability in counter-options.php in the Count Per Day plugin before 3.4.1 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the cpd_keep_month parameter to wp-admin/options-general.php. NOTE: this can be leveraged using CSRF to allow remote attackers to execute arbitrary SQL commands. | 7.2 |
High |
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.