Count per Day

Name: Count per Day
Type: XSS
Exploit version: 3.2.5
Release Date: 03-05-2013
Status: A new version of Count per Day has been released  •

Input passed via the "daytoshow" POST parameter to wp-content/wp-admin/index.php (when "page" is set to "cpd_metaboxes") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.

Plugin Information

  1. Downloaded: 492682 Times
  2. Current Version: 3.4
  3. Author: Profile
  4. Tested up to: 4.2.2
  5. Download Plugin

Security Information

  1. Secunia ID:
  2. Credit: alejandr0.m0f0
  • Plugin statistics provided by Updated within the last day or so.
  • ¹ Status info requires plugin author's to fill in versioning info on the repository