cbcvebase.

Count Per Day Project Count Per Day vulnerabilities

4 known vulnerabilities affecting count_per_day_project/count_per_day.

Total CVEs
4
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2015-5533P3HIGHCVSS 7.2PoC≤ 3.42017-10-23
CVE-2015-5533 [HIGH] CWE-89 CVE-2015-5533: SQL injection vulnerability in counter-options.php in the Count Per Day plugin before 3.4.1 for Word SQL injection vulnerability in counter-options.php in the Count Per Day plugin before 3.4.1 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the cpd_keep_month parameter to wp-admin/options-general.php. NOTE: this can be leveraged using CSRF to allow remote attackers to execute arbitrary SQL commands.
nvd
CVE-2012-0896P3MEDIUMCVSS 5.0PoCv2.2v2.15+2 more2012-01-20
CVE-2012-0896 [MEDIUM] CWE-22 CVE-2012-0896: Absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for W Absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to read arbitrary files via the f parameter.
nvd
CVE-2013-7472P4MEDIUMCVSS 6.1fixed in 3.2.62019-06-15
CVE-2013-7472 [MEDIUM] CWE-79 CVE-2013-7472: The "Count per Day" plugin before 3.2.6 for WordPress allows XSS via the wp-admin/?page=cpd_metaboxe The "Count per Day" plugin before 3.2.6 for WordPress allows XSS via the wp-admin/?page=cpd_metaboxes daytoshow parameter.
nvd
CVE-2012-6714P4MEDIUMCVSS 6.1fixed in 3.2.32019-08-21
CVE-2012-6714 [MEDIUM] CWE-79 CVE-2012-6714: The count-per-day plugin before 3.2.3 for WordPress has XSS via search words. The count-per-day plugin before 3.2.3 for WordPress has XSS via search words.
nvd
Count Per Day Project Count Per Day vulnerabilities | cvebase