Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpdevart Countdown and CountUp, WooCommerce Sales Timer plugin <= 1.8.2 versions.CreditsSeungYongLee (Patchstack Alliance)Referenceshttps://patchstack.com/database/vulnerability/countdown-wpdevart-extended/wordpress-countdown-and-countup-woocommerce-sales-timer-plugin-1-8-2-cross-site-scripting-xss-vulnerability?_s_id=cve
