WordPress Plugin Vulnerabilities

Free Counter 1.1 - Cross-Site Scripting (XSS)

Description

The Free counter WordPress plugin was affected by a Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

Plugin icon
free-counter
No known fix

References

CVE
CVE-2015-4084
Exploitdb
37132
URL
https://packetstormsecurity.com/files/#132062/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
pvdl
Verified
No
WPVDB ID
e872e85f-634f-4703-abdc-7723be9bc1a2

Timeline

Publicly Published
2015-05-25 (about 10 years ago)
Added
2015-05-28 (about 10 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2017-02-16
Title
Corner Ad < 1.0.8 - Admin+ Stored XSS
Published
2014-08-01
Title
Wordfence 3.8.6 - lib/IPTraf.php User-Agent Header Stored XSS
Published
2026-02-04
Title
Robin Image Optimizer < 2.0.3 - Authenticated (Author+) Stored Cross-Site Scripting via Image Alternative Text Field
Published
2025-01-06
Title
Sell Media <= 2.5.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2025-03-03
Title
Shortcodes Ultimate < 7.3.4 - Contributor+ Stored XSS