cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-2017,https://securityvulnerability.io/vulnerability/CVE-2024-2017,Unauthorized Access Vulnerability in Countdown & Clock Plugin for WordPress,"The Countdown, Coming Soon, Maintenance – Countdown & Clock plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the conditionsRow and switchCountdown functions in all versions up to, and including, 2.7.8. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject PHP Objects and modify the status of countdowns.",Wordpress,"Countdown, Coming Soon, Maintenance – Countdown & Clock",5.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-06-06T02:38:13.733Z,0
CVE-2022-0601,https://securityvulnerability.io/vulnerability/CVE-2022-0601,Countdown & Clock < 2.2.9 - Reflected Cross-Site Scripting,"The Countdown, Coming Soon, Maintenance WordPress plugin before 2.2.9 does not sanitize and escape the post parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.",Wordpress,"Countdown, Coming Soon, Maintenance – Countdown & Clock",6.1,MEDIUM,0.0007399999885819852,false,,false,false,false,,false,false,2022-03-14T14:41:38.000Z,0