VYPR

Email Notifications for Updates

by WordPress

CVEs (2)

  • CVE-2025-26741HigApr 15, 2025
    risk 0.57cvss 8.8epss 0.00

    Missing Authorization vulnerability in AWEOS GmbH Email Notifications for Updates wp-update-mail-notification allows Privilege Escalation.This issue affects Email Notifications for Updates: from n/a through <= 1.1.6.

  • CVE-2025-2933HigApr 5, 2025
    risk 0.57cvss 8.8epss 0.00

    The Email Notifications for Updates plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the awun_import_settings() function in all versions up to, and including, 1.1.6. This makes it…