cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-10669,https://securityvulnerability.io/vulnerability/CVE-2024-10669,Vulnerability in Countdown Timer Block Could Allow Access to Private Posts,"The Countdown Timer block – Display the event's date into a timer. plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.4 via the [ctb] shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, or draft posts that they should not have access to.",Wordpress,Countdown Timer Block – Display The Event's Date Into A Timer.,4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-11-09T04:32:26.918Z,0
CVE-2021-24633,https://securityvulnerability.io/vulnerability/CVE-2021-24633,Countdown Block < 1.1.2 - Missing Authorisation in AJAX action,"The Countdown Block WordPress plugin before 1.1.2 does not have authorisation in the eb_write_block_css AJAX action, which allows any authenticated user, such as Subscriber, to modify post contents displayed to users.",Wordpress,Countdown Block,4.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2021-09-27T15:25:26.000Z,0