Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Counter Box – WordPress plugin for countdown, timer, counter 1.2

  • Severity: high-risk
  • Status: Fixed
  • Publication: July 8, 2022

The Counter Box plugin for WordPress has a security issue in versions 1.2 and earlier. This issue allows people with administrator access to the website to extract sensitive information from the database. This is done by exploiting the lack of proper security measures on the user supplied parameter and the existing SQL query.

Detected in:

Counter Box – Add Countdowns, Timers & Dynamic Counters to WordPress fixed vulnerable versions:
Counter Box – WordPress plugin for countdown, timer, counter fixed vulnerable versions: >= * <= 1.2
Counter Box: Add Engaging Countdowns, Timers & Counters to Your WordPress Site fixed vulnerable versions:
Counter Box: Create Engaging Countdowns, Timers & Counters fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.