Aggregates CVE and security vulnerability intelligence across all count_per_day_project-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk cross-site scripting, vendor risk sql injection, and vendor risk path handling and related problems; some flaws may lead to vendor impact session compromise.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2012-6714 | The count-per-day plugin before 3.2.3 for WordPress has XSS via search words. | [email protected] | 6.1 | 0.91% | 2019-08-21 | 2026-06-16 |
| CVE-2013-7472 | The "Count per Day" plugin before 3.2.6 for WordPress allows XSS via the wp-admin/?page=cpd_metaboxes daytoshow parameter. | [email protected] | 6.1 | 0.98% | 2019-06-15 | 2026-06-16 |
| CVE-2015-5533 | SQL injection vulnerability in counter-options.php in the Count Per Day plugin before 3.4.1 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the cpd_keep_month parameter to wp-admin/options-general.php. NOTE: this can be leveraged using CSRF to allow remote attackers to execute arbitrary SQL commands. | [email protected] | 7.2 | 7.17% | 2017-10-23 | 2026-06-16 |
| CVE-2012-0896 | Absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to read arbitrary files via the f parameter. | [email protected] | 5.0 | 25.22% | 2012-01-20 | 2026-06-16 |