{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-1390", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2026-01-23T20:52:46.325Z", "datePublished": "2026-03-21T03:26:37.006Z", "dateUpdated": "2026-04-08T16:41:22.806Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:41:22.806Z"}, "affected": [{"vendor": "haghs", "product": "Redirect countdown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Redirect countdown plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce validation on the `countdown_settings_content()` function. This makes it possible for unauthenticated attackers to update the plugin settings including the countdown timeout, redirect URL, and custom text, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "title": "Redirect countdown <= 1.0 - Cross-Site Request Forgery to Settings Update", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/212e5d55-5b28-41d6-86a0-d247d6c81f0d?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/redirect-countdown/trunk/redirectcountdown.php#L34"}, {"url": "https://plugins.trac.wordpress.org/browser/redirect-countdown/tags/1.0/redirectcountdown.php#L34"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "cweId": "CWE-352", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Muhammad Nur Ibnu Hubab"}], "timeline": [{"time": "2026-03-20T15:19:25.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-23T16:40:01.274036Z", "id": "CVE-2026-1390", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-23T16:40:14.778Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-1390", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-23T16:40:01.274036Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-23T16:40:09.992Z"}}], "cna": {"title": "Redirect countdown <= 1.0 - Cross-Site Request Forgery to Settings Update", "credits": [{"lang": "en", "type": "finder", "value": "Muhammad Nur Ibnu Hubab"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "haghs", "product": "Redirect countdown", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "1.0"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2026-03-20T15:19:25.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/212e5d55-5b28-41d6-86a0-d247d6c81f0d?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/redirect-countdown/trunk/redirectcountdown.php#L34"}, {"url": "https://plugins.trac.wordpress.org/browser/redirect-countdown/tags/1.0/redirectcountdown.php#L34"}], "descriptions": [{"lang": "en", "value": "The Redirect countdown plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce validation on the `countdown_settings_content()` function. This makes it possible for unauthenticated attackers to update the plugin settings including the countdown timeout, redirect URL, and custom text, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-03-21T03:26:37.006Z"}}}, "cveMetadata": {"cveId": "CVE-2026-1390", "state": "PUBLISHED", "dateUpdated": "2026-03-23T16:40:14.778Z", "dateReserved": "2026-01-23T20:52:46.325Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-03-21T03:26:37.006Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Redirect countdown plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce validation on the `countdown_settings_content()` function. This makes it possible for unauthenticated attackers to update the plugin settings including the countdown timeout, redirect URL, and custom text, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}, {"lang": "es", "value": "El plugin Redirect countdown para WordPress es vulnerable a falsificaci\u00f3n de petici\u00f3n en sitios cruzados en todas las versiones hasta la 1.0, inclusive. Esto se debe a la falta de validaci\u00f3n de nonce en la funci\u00f3n 'countdown_settings_content()'. Esto hace posible que atacantes no autenticados actualicen la configuraci\u00f3n del plugin, incluyendo el tiempo de espera de la cuenta regresiva, la URL de redirecci\u00f3n y el texto personalizado, a trav\u00e9s de una petici\u00f3n falsificada, siempre que puedan enga\u00f1ar a un administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace."}], "id": "CVE-2026-1390", "lastModified": "2026-04-22T21:32:08.360", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2026-03-21T04:16:52.997", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/redirect-countdown/tags/1.0/redirectcountdown.php#L34"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/redirect-countdown/trunk/redirectcountdown.php#L34"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/212e5d55-5b28-41d6-86a0-d247d6c81f0d?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.0]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Redirect countdown", "source": "cna", "vendor": "haghs"}, "product": "redirect_countdown", "vendor": "haghs"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-03-21T06:27:40.093537+00:00", "value": {"mitigation_remediation": ["Update the Redirect Countdown plugin to a version newer than 1.0 (or remove the plugin if no update is available).", "Verify that the new plugin version includes nonce checks for settings updates.", "If an update is unavailable, disable or uninstall the plugin to prevent the CSRF state."], "summary": {"action": "Apply Patch", "impact": "Unauthorized administrative changes and site redirection via CSRF"}, "threat_synthesis": {"affected_systems": "The issue affects the \"Redirect Countdown\" plugin developed by HAGHS, for all WordPress installations using version 1.0 or earlier. Administrators running these versions are at risk until the plugin is upgraded or removed.", "description_and_impact": "The Redirect Countdown WordPress plugin contains a CSRF flaw due to missing nonce validation in the countdown_settings_content() function. This flaw allows an unauthenticated attacker to forge a request that updates plugin settings, including the countdown timeout, redirect URL, and custom text. The attacker can therefore force the site to redirect visitors to a malicious URL or display deceptive messages, potentially resulting in phishing or other downstream attacks. The weakness is identified as CWE\u2011352, which represents a Cross\u2011Site Request Forgery scenario.", "risk_and_exploitability": "With a CVSS score of 4.3, the vulnerability presents moderate severity. No EPSS data is available, and it is not listed in the KEV catalog. The attack path requires the attacker to coerce a legitimate site administrator to visit a crafted link or trigger the forged request. Because it exploits a CSRF weakness, the risk is bound to environments where administrators routinely click unfamiliar links. Nonetheless, the potential for undetected policy changes and malicious redirections warrants prompt attention."}}}}, "created": "2026-03-23T09:50:56.872483+00:00", "updated": "2026-03-25T14:42:31.570543+00:00", "vendors": ["haghs", "haghs$PRODUCT$redirect_countdown", "wordpress", "wordpress$PRODUCT$wordpress"]}