Every CVE whose affected-product data names Plugin Waiting, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2023-28659 — CVSS 8.8 (high): The Waiting: One-click Countdowns WordPress Plugin, version <= 0.6.2, is affected by an authenticated SQL injection vulnerability in the…
CVE-2023-2757 — CVSS 7.4 (high): The Waiting: One-click countdowns plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on…
CVE-2023-3999 — CVSS 6.3 (medium): The Waiting: One-click countdowns plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on its AJAX…
CVE-2023-4000 — CVSS 6.3 (medium): The Waiting: One-click countdowns plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.6.2…
CVE-2022-4954 — CVSS 5.5 (medium): The Waiting: One-click countdowns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown name in versions up…