VYPR

Gp Notification Bar

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-31610MedMar 31, 2025
    risk 0.38cvss 5.9epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gingerplugins Notification Bar, Sticky Notification Bar, Sticky Welcome Bar for any theme gp-notification-bar allows Stored XSS.This issue affects Notification Bar, Sticky…

  • CVE-2025-9895MedOct 3, 2025
    risk 0.28cvss 4.3epss 0.00

    The Notification Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2. This is due to missing or incorrect nonce validation on the 'subscriber-list-empty.php' file. This makes it possible for unauthenticated attackers to…