3 matches found
CVE-2023-3999 Waiting: One-click countdowns <= 0.6.2 - Missing Authorization
The Waiting: One-click countdowns plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on its AJAX calls in versions up to, and including, 0.6.2. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to create and...
CVE-2023-3999 Waiting: One-click countdowns <= 0.6.2 - Missing Authorization
The Waiting: One-click countdowns plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on its AJAX calls in versions up to, and including, 0.6.2. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to create and...
CVE-2023-3999
CVE-2023-3999 affects The Waiting: One-click countdowns plugin for WordPress. The issue is an authorization bypass caused by missing capability checks on AJAX calls in versions up to and including 0.6.2. This allows authenticated attackers with subscriber-level permissions and above to create and...