VYPR
Vendor

OneSignal

Products
2
CVEs
2
Across products
2
Status
Private

Products

2

Recent CVEs

2
  • CVE-2025-13950MedDec 15, 2025
    risk 0.27cvss 5.3epss 0.00

    The OneSignal – Web Push Notifications plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the settings handling functionality in all versions up to, and including, 3.6.1. This is due to the plugin processing POST…

  • CVE-2023-28430HigMar 27, 2023
    risk 0.00cvss 7.3epss 0.01

    OneSignal is an email, sms, push notification, and in-app message service for mobile apps.The Zapier.yml workflow is triggered on issues (types: [closed]) (i.e., when an Issue is closed). The workflow starts with full write-permissions GitHub repository token since the default…