Vulnerabilities (CVE)

Filtered by vendor Wpdeveloper Subscribe
Filtered by product Countdown Block
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-24633 1 Wpdeveloper 1 Countdown Block 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
The Countdown Block WordPress plugin before 1.1.2 does not have authorisation in the eb_write_block_css AJAX action, which allows any authenticated user, such as Subscriber, to modify post contents displayed to users.