VYPR

Notification

by WordPress

CVEs (1)

  • CVE-2021-39340MedNov 1, 2021
    risk 0.31cvss 4.8epss 0.01

    The Notification WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/src/classes/Utils/Settings.php file which made it possible for attackers with administrative user access to…