| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-6443 | Essentialplugin Plugins (Various Versions) - Injected Backdoor | essentialplugin | Accordion and Accordion Slider | Critical | 9.8 | 2026-04-17 06:44:49 | Deep Dive |
| CVE-2026-1390 | Redirect countdown <= 1.0 - Cross-Site Request Forgery to Settings Update | haghs | Redirect countdown | Medium | 4.3 | 2026-03-21 03:26:37 | Deep Dive |
| CVE-2026-27354 | WordPress WooCommerce Coming Soon Product with Countdown plugin <= 5.0 - Cross Site Scripting (XSS) vulnerability | WebCodingPlace | WooCommerce Coming Soon Product with Countdown | 中危 | - | 2026-03-05 05:53:54 | Deep Dive |
| CVE-2025-68552 | WordPress WooCommerce Coming Soon Product with Countdown plugin <= 5.0 - Local File Inclusion vulnerability | WebCodingPlace | WooCommerce Coming Soon Product with Countdown | High | 7.5 | 2026-02-20 15:46:41 | Deep Dive |
| CVE-2026-27052 | WordPress Sales Countdown Timer for WooCommerce and WordPress plugin < 1.1.9 - Local File Inclusion vulnerability | villatheme | Sales Countdown Timer for WooCommerce and WordPress | - | - | 2026-02-19 08:27:10 | Deep Dive |
| CVE-2026-1654 | Peter's Date Countdown <= 2.0.0 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] | pkthree | Peter’s Date Countdown | Medium | 6.1 | 2026-02-05 09:13:46 | Deep Dive |
| CVE-2026-1165 | Popup Box <= 6.1.1 - Cross-Site Request Forgery to Popup Status Change | ays-pro | Popup Box – Create Countdown, Coupon, Video, Contact Form Popups | Medium | 4.3 | 2026-01-31 14:22:29 | Deep Dive |
| CVE-2025-14555 | Countdown Timer - Widget Countdown <= 2.7.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | wpdevart | Countdown Timer – Widget Countdown | Medium | 6.4 | 2026-01-10 12:23:17 | Deep Dive |
| CVE-2025-27002 | WordPress CountDown With Image or Video Background plugin <= 1.5 - Reflected Cross Site Scripting (XSS) vulnerability | LambertGroup | CountDown With Image or Video Background | High | 7.1 | 2026-01-08 09:17:41 | Deep Dive |
| CVE-2025-69348 | WordPress The Events Calendar Countdown Addon plugin <= 1.4.15 - Broken Access Control vulnerability | CoolHappy | The Events Calendar Countdown Addon | Medium | 4.3 | 2026-01-06 16:36:40 | Deep Dive |
| CVE-2025-68054 | WordPress CountDown With Image or Video Background plugin <= 1.5 - SQL Injection vulnerability | LambertGroup | CountDown With Image or Video Background | High | 8.5 | 2025-12-16 08:13:00 | Deep Dive |
| CVE-2025-12665 | Ninja Countdown <= 1.5.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Countdown Deletion | lovelightplugins | Ninja Countdown | Fastest Countdown Builder | Medium | 4.3 | 2025-11-11 03:30:47 | Deep Dive |
| CVE-2025-52749 | WordPress Uji Countdown plugin <= 2.3.3 - Cross Site Scripting (XSS) vulnerability | Activity Track | Uji Countdown | - | - | 2025-10-22 14:32:24 | Deep Dive |
| CVE-2025-49908 | WordPress WPC Countdown Timer for WooCommerce plugin <= 3.1.4 - Cross Site Scripting (XSS) vulnerability | WPClever | WPC Countdown Timer for WooCommerce | - | - | 2025-10-22 14:32:11 | Deep Dive |
| CVE-2025-11880 | SM CountDown Widget <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | sierramike | SM CountDown Widget | Medium | 6.4 | 2025-10-22 08:27:08 | Deep Dive |
| CVE-2025-57908 | WordPress Product Time Countdown for WooCommerce plugin <= 1.6.5 - Cross Site Scripting (XSS) vulnerability | ProWCPlugins | Product Time Countdown for WooCommerce | Medium | 5.9 | 2025-09-22 18:25:22 | Deep Dive |
| CVE-2025-8445 | Countdown Timer for Elementor <= 1.3.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'countdown_label' | shaikhaezaz80 | Countdown Timer for Elementor | Medium | 6.4 | 2025-09-11 07:24:53 | Deep Dive |
| CVE-2025-5929 | The Countdown <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via clientId Parameter | zourbuth | The Countdown – Block Countdown Timer | Medium | 6.4 | 2025-06-26 02:22:20 | Deep Dive |
| CVE-2025-49311 | WordPress The Events Calendar Countdown Addon plugin <= 1.4.9 - Cross Site Scripting (XSS) Vulnerability | CoolHappy | The Events Calendar Countdown Addon | Medium | 6.5 | 2025-06-06 12:53:51 | Deep Dive |
| CVE-2025-32301 | WordPress CountDown Pro WP Plugin <= 2.7 - SQL Injection Vulnerability | LambertGroup | CountDown Pro WP Plugin | High | 8.5 | 2025-05-16 15:45:30 | Deep Dive |