This page lists publicly disclosed CVE vulnerabilities affecting count_per_day_project count_per_day (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2012-6714 | The count-per-day plugin before 3.2.3 for WordPress has XSS via search words. | [email protected] | 6.1 | 0.91% | 2019-08-21 | 2026-06-16 |
| CVE-2013-7472 | The "Count per Day" plugin before 3.2.6 for WordPress allows XSS via the wp-admin/?page=cpd_metaboxes daytoshow parameter. | [email protected] | 6.1 | 0.98% | 2019-06-15 | 2026-06-16 |
| CVE-2015-5533 | SQL injection vulnerability in counter-options.php in the Count Per Day plugin before 3.4.1 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the cpd_keep_month parameter to wp-admin/options-general.php. NOTE: this can be leveraged using CSRF to allow remote attackers to execute arbitrary SQL commands. | [email protected] | 7.2 | 7.17% | 2017-10-23 | 2026-06-16 |
| CVE-2012-0896 | Absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to read arbitrary files via the f parameter. | [email protected] | 5.0 | 25.22% | 2012-01-20 | 2026-06-16 |