High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-01	CVE-2022-2245	Unspecified vulnerability in Wow-Company Counter BOX The Counter Box WordPress plugin before 1.2.1 is lacking CSRF check when activating and deactivating counters, which could allow attackers to make a logged in admin perform such actions via CSRF attacks network low complexity wow-company	8.8
2022-05-19	CVE-2022-29446	Files or Directories Accessible to External Parties vulnerability in Wow-Company Counter BOX 1.0/1.1/1.1.1 Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Counter Box plugin <= 1.1.1 at WordPress. network low complexity wow-company CWE-552	7.2