cleantalk
Vulnerabilities and Security Researches

Countdown, Coming Soon, Maintenance – Countdown & Clock, CVE-2022-29422

CVE, Research URL

CVE-2022-29422

Home page URL

Security reports for Countdown, Coming Soon, Maintenance – Countdown & Clock

Application

Countdown, Coming Soon, Maintenance – Countdown & Clock

Published on
May 06, 2022
Research Description
Multiple Authenticated (admin+) Persistent Cross-Site Scripting (XSS) vulnerabilities in Adam Skaat's Countdown & Clock plugin <= 2.3.2 at WordPress via &ycd-countdown-width, &ycd-progress-height, &ycd-progress-width, &ycd-button-margin-top, &ycd-button-margin-right, &ycd-button-margin-bottom, &ycd-button-margin-left, &ycd-circle-countdown-before-countdown, &ycd-circle-countdown-after-countdown vulnerable parameters.
Affected versions
Min -, max 2.3.3.
Status
vulnerable
Previous vulnerability researches
Countdown, Coming Soon, Maintenance &#8211; Countdown &amp; Clock (CVE-2024-2017) , Jul 22, 2024
Countdown, Coming Soon, Maintenance &#8211; Countdown &amp; Clock (CVE-2025-30841) , Apr 04, 2025
Countdown, Coming Soon, Maintenance &#8211; Countdown &amp; Clock (CVE-2022-0601) , Jun 07, 2024
Countdown, Coming Soon, Maintenance &#8211; Countdown &amp; Clock (CVE-2022-29420) , Jun 07, 2024
Countdown, Coming Soon, Maintenance &#8211; Countdown &amp; Clock (CVE-2022-29423) , Jun 07, 2024
New vulnerability
Easy Google Maps (CVE-2025-32138) , Apr 05, 2025
Tockify Events Calendar (CVE-2025-32174) , Apr 05, 2025
Ultra Addons Lite for Elementor (CVE-2025-32192) , Apr 05, 2025
WooCommerce Search, Filters &amp; Merchandising (CVE-2025-32181) , Apr 05, 2025
Link Library (CVE-2025-2889) , Apr 05, 2025