cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-34636,https://securityvulnerability.io/vulnerability/CVE-2021-34636,"Countdown and CountUp, WooCommerce Sales Timer <= 1.5.7 Cross-Site Request Forgery to Stored Cross-Site Scripting","The Countdown and CountUp, WooCommerce Sales Timers WordPress plugin is vulnerable to Cross-Site Request Forgery via the save_theme function found in the ~/includes/admin/coundown_theme_page.php file due to a missing nonce check which allows attackers to inject arbitrary web scripts, in versions up to and including 1.5.7.",Wordpress,"Countdown And Countup, WooCommerce Sales Timers",8.8,HIGH,0.0010600000387057662,false,,false,false,false,,,false,false,,2021-09-28T14:15:00.000Z,0