Vulnerabilities > Plugin Planet > Simple Download Counter > 1.0

DATE	CVE	VULNERABILITY TITLE	RISK
2025-04-22	CVE-2025-46240	Cross-site Scripting vulnerability in Plugin-Planet Simple Download Counter Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeff Starr Simple Download Counter allows Stored XSS. network low complexity plugin-planet CWE-79	5.4
2023-09-09	CVE-2023-4838	Unspecified vulnerability in Plugin-Planet Simple Download Counter The Simple Download Counter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in versions up to, and including, 1.6 due to insufficient input sanitization and output escaping on user supplied attributes like 'before' and 'after'. network low complexity plugin-planet	5.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.