WPC Countdown Timer for WooCommerce, CVE-2025-49908
- CVE, Research URL
- Home page URL
- Application
- Published on
- Oct 22, 2025
- Research Description
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPClever WPC Countdown Timer for WooCommerce wpc-countdown-timer allows Stored XSS.This issue affects WPC Countdown Timer for WooCommerce: from n/a through <= 3.1.4.
- Affected versions
-
max 3.1.5.
- Status
-
vulnerable