Vulnerabilities > Webpushr

DATE CVE VULNERABILITY TITLE RISK
2023-11-27 CVE-2023-5620 Cross-site Scripting vulnerability in Webpushr web Push Notifications
The Web Push Notifications WordPress plugin before 4.35.0 does not prevent visitors on the site from changing some of the plugin options, some of which may be used to conduct Stored XSS attacks.
network
low complexity
webpushr CWE-79
5.4
2023-11-13 CVE-2023-35041 Unspecified vulnerability in Webpushr web Push Notifications
Cross-Site Request Forgery (CSRF) vulnerability leading to Local File Inclusion (LF) in Webpushr Web Push Notifications Web Push Notifications – Webpushr plugin <= 4.34.0 versions.
network
low complexity
webpushr
8.8