Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2022-4954

The Waiting: One-click countdowns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown name in versions up to, and including, 0.6.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 28.6%
CVSS Severity
CVSS v3 Score 5.5
Products affected by CVE-2022-4954
  • Plugin » Waiting » Version: N/A
    cpe:2.3:a:plugin:waiting:-
  • Plugin » Waiting » Version: 0.2.4
    cpe:2.3:a:plugin:waiting:0.2.4
  • Plugin » Waiting » Version: 0.2.5
    cpe:2.3:a:plugin:waiting:0.2.5
  • Plugin » Waiting » Version: 0.2.6
    cpe:2.3:a:plugin:waiting:0.2.6
  • Plugin » Waiting » Version: 0.2.7
    cpe:2.3:a:plugin:waiting:0.2.7
  • Plugin » Waiting » Version: 0.2.8
    cpe:2.3:a:plugin:waiting:0.2.8
  • Plugin » Waiting » Version: 0.3
    cpe:2.3:a:plugin:waiting:0.3
  • Plugin » Waiting » Version: 0.3.1
    cpe:2.3:a:plugin:waiting:0.3.1
  • Plugin » Waiting » Version: 0.3.3
    cpe:2.3:a:plugin:waiting:0.3.3
  • Plugin » Waiting » Version: 0.3.4
    cpe:2.3:a:plugin:waiting:0.3.4
  • Plugin » Waiting » Version: 0.3.5
    cpe:2.3:a:plugin:waiting:0.3.5
  • Plugin » Waiting » Version: 0.3.6
    cpe:2.3:a:plugin:waiting:0.3.6
  • Plugin » Waiting » Version: 0.3.7
    cpe:2.3:a:plugin:waiting:0.3.7
  • Plugin » Waiting » Version: 0.3.8
    cpe:2.3:a:plugin:waiting:0.3.8
  • Plugin » Waiting » Version: 0.3.9
    cpe:2.3:a:plugin:waiting:0.3.9
  • Plugin » Waiting » Version: 0.3.9.1
    cpe:2.3:a:plugin:waiting:0.3.9.1
  • Plugin » Waiting » Version: 0.3.9.2
    cpe:2.3:a:plugin:waiting:0.3.9.2
  • Plugin » Waiting » Version: 0.3.9.3
    cpe:2.3:a:plugin:waiting:0.3.9.3
  • Plugin » Waiting » Version: 0.3.9.4
    cpe:2.3:a:plugin:waiting:0.3.9.4
  • Plugin » Waiting » Version: 0.3.9.5
    cpe:2.3:a:plugin:waiting:0.3.9.5
  • Plugin » Waiting » Version: 0.3.9.6
    cpe:2.3:a:plugin:waiting:0.3.9.6
  • Plugin » Waiting » Version: 0.3.9.7
    cpe:2.3:a:plugin:waiting:0.3.9.7
  • Plugin » Waiting » Version: 0.3.9.8
    cpe:2.3:a:plugin:waiting:0.3.9.8
  • Plugin » Waiting » Version: 0.3.9.9
    cpe:2.3:a:plugin:waiting:0.3.9.9
  • Plugin » Waiting » Version: 0.4
    cpe:2.3:a:plugin:waiting:0.4
  • Plugin » Waiting » Version: 0.4.1
    cpe:2.3:a:plugin:waiting:0.4.1
  • Plugin » Waiting » Version: 0.4.2
    cpe:2.3:a:plugin:waiting:0.4.2
  • Plugin » Waiting » Version: 0.4.3
    cpe:2.3:a:plugin:waiting:0.4.3
  • Plugin » Waiting » Version: 0.4.4
    cpe:2.3:a:plugin:waiting:0.4.4
  • Plugin » Waiting » Version: 0.4.5
    cpe:2.3:a:plugin:waiting:0.4.5
  • Plugin » Waiting » Version: 0.4.7
    cpe:2.3:a:plugin:waiting:0.4.7
  • Plugin » Waiting » Version: 0.4.8
    cpe:2.3:a:plugin:waiting:0.4.8
  • Plugin » Waiting » Version: 0.4.9
    cpe:2.3:a:plugin:waiting:0.4.9
  • Plugin » Waiting » Version: 0.5
    cpe:2.3:a:plugin:waiting:0.5
  • Plugin » Waiting » Version: 0.5.1
    cpe:2.3:a:plugin:waiting:0.5.1
  • Plugin » Waiting » Version: 0.5.2
    cpe:2.3:a:plugin:waiting:0.5.2
  • Plugin » Waiting » Version: 0.5.3
    cpe:2.3:a:plugin:waiting:0.5.3
  • Plugin » Waiting » Version: 0.5.4
    cpe:2.3:a:plugin:waiting:0.5.4
  • Plugin » Waiting » Version: 0.5.5
    cpe:2.3:a:plugin:waiting:0.5.5
  • Plugin » Waiting » Version: 0.5.6
    cpe:2.3:a:plugin:waiting:0.5.6
  • Plugin » Waiting » Version: 0.5.7
    cpe:2.3:a:plugin:waiting:0.5.7
  • Plugin » Waiting » Version: 0.5.8
    cpe:2.3:a:plugin:waiting:0.5.8
  • Plugin » Waiting » Version: 0.5.9
    cpe:2.3:a:plugin:waiting:0.5.9
  • Plugin » Waiting » Version: 0.6.0
    cpe:2.3:a:plugin:waiting:0.6.0
  • Plugin » Waiting » Version: 0.6.1
    cpe:2.3:a:plugin:waiting:0.6.1
  • Plugin » Waiting » Version: 0.6.2
    cpe:2.3:a:plugin:waiting:0.6.2


Products
Pricing
Contact Us

Shodan ® - All rights reserved