EIP-2026-113659
PRE-CVEWordPress Plugin Count Per Day - 'daytoshow' Cross-Site Scripting
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-113659. PoCs published by alejandr0.m0f0.
AI-analyzed exploit summary The exploit demonstrates a reflected XSS vulnerability in the Count Per Day WordPress plugin (versions 3.2.5 and prior) by injecting malicious JavaScript via the 'daytoshow' parameter. The payload is executed in the context of the affected site when an authenticated user visits the crafted URL.
Description
WordPress Plugin Count Per Day - 'daytoshow' Cross-Site Scripting
Exploits (1)
The exploit demonstrates a reflected XSS vulnerability in the Count Per Day WordPress plugin (versions 3.2.5 and prior) by injecting malicious JavaScript via the 'daytoshow' parameter. The payload is executed in the context of the affected site when an authenticated user visits the crafted URL.