VYPR

Dvs Custom Notification

by Dvs Custom Notification Project

CVEs (2)

  • CVE-2026-3551MedApr 16, 2026
    risk 0.29cvss 4.4epss 0.00

    The Custom New User Notification plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's admin settings in all versions up to, and including, 1.2.0. This is due to insufficient input sanitization and output escaping on multiple settings fields…

  • CVE-2012-4921Apr 10, 2014
    risk 0.00cvss epss 0.01

    Multiple cross-site request forgery (CSRF) vulnerabilities in the DVS Custom Notification plugin 1.0.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change application settings or (2) conduct cross-site…