VYPR

Notificationx

by Wpdeveloper

Source repositories

CVEs (4)

  • CVE-2024-1698CriFeb 27, 2024
    risk 0.64cvss 9.8epss 0.78

    The NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor plugin for WordPress is vulnerable to SQL Injection via the 'type' parameter in all versions up to, and including, 2.8.2 due to insufficient escaping on the user…

  • CVE-2025-22683MedFeb 3, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper NotificationX notificationx allows Stored XSS.This issue affects NotificationX: from n/a through <= 2.9.5.

  • CVE-2026-27042MedFeb 19, 2026
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in WPDeveloper NotificationX notificationx allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NotificationX: from n/a through <= 3.2.1.

  • CVE-2020-36744MedJul 1, 2023
    risk 0.21cvss 4.3epss 0.00

    The NotificationX plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.2. This is due to missing or incorrect nonce validation on the generate_conversions() function. This makes it possible for unauthenticated attackers to…