Stored XSS Vulnerability in ProWCPlugins Product Time Countdown for WooCommerce
CVE-2025-57908
5.9MEDIUM
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 22 September 2025
What is CVE-2025-57908?
A security flaw in the ProWCPlugins Product Time Countdown for WooCommerce plugin introduces a risk of stored Cross-site Scripting (XSS). This vulnerability allows attackers to inject malicious scripts into web pages viewed by users, potentially compromising sensitive data and user interactions. Affected versions include all prior to 1.6.4. Users are advised to update to the latest version to mitigate this security risk.
Affected Version(s)
Product Time Countdown for WooCommerce <= 1.6.4