Wow-company Counter_box
6 CVEs affecting Wow-company Counter_box. Latest disclosed: 2025-03-01. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-2245 | High | 8.8 | 2022-08-01 | The Counter Box WordPress plugin before 1.2.1 is lacking CSRF check when activating and deactivating counters, which could allow attackers to make a logged in… |
CVE-2022-29446 | Medium | 6.8 | 2022-05-19 | Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Counter Box plugin <= 1.1.1 at WordPress. |
CVE-2023-2362 | Medium | 6.1 | 2023-06-12 | The Float menu WordPress plugin before 5.0.2, Bubble Menu WordPress plugin before 3.0.4, Button Generator WordPress plugin before 2.3.5, Calculator Builder Wor… |
CVE-2025-24715 | Medium | 5.4 | 2025-01-24 | Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Counter Box counter-box allows Cross Site Request Forgery.This issue affects Counter Box: from n… |
CVE-2024-3481 | Medium | 5.2 | 2024-05-02 | The Counter Box WordPress plugin before 1.2.4 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unw… |
CVE-2024-13901 | Medium | 4.4 | 2025-03-01 | The Counter Box: Add Engaging Countdowns, Timers & Counters to Your WordPress Site plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting… |