Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-29420: Countdown, Coming Soon, Maintenance – Countdown & Clock

Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Adam Skaat’s Countdown & Clock plugin <= 2.3.2 at WordPress via &ycd-circle-countdown-before-countdown and &ycd-circle-countdown-after-countdown vulnerable parameters.

CVE
#xss#vulnerability#web#wordpress#auth
  • Details
  • Reviews
  • Support
  • Development

This plugin has been closed as of May 6, 2022 and is not available for download. This closure is temporary, pending a full review.

I use 3 different countdowns on 2 different websites and every time, it’s easy to setup. Even the free version is good.

Simple timer that does exactly what it’s supposed to do - displays a counter for the launch of a product / website. Usually, these timers can be overly complicated when you’re just looking for one thing. The time displayed on the landing page or if you are showing a coming soon message or maintenance mode. If you want something fancier with all the customizable bells and whistles, you’ll have to opt for a professional version of the plugin. I think for most basic web launches it will be working just fine.

The default style for the countdown clock is very good and easy to set up. We wanted more advanced features, so I upgraded, and received excellent customer support for getting the upgrade completed.

Adam was so helpful with custome code and adding specific design elements to the countdown object. Their functionality is awesome.

Je suis trés satisfait de ce compteur

Visually appealing and easy to use

Read all 142 reviews

“Countdown, Coming Soon, Maintenance – Countdown & Clock” is open source software. The following people have contributed to this plugin.

Contributors

  • adamskaat

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907