Lucene search
K

259 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-1588

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.009EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-3405

Malicious code in bioql PyPI...

6.5CVSS8.7AI score0.00373EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/09/07 2:32 p.m.7 views

CVE-2025-58873

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pusheco Pushe Web Push Notification pushe-webpush allows Stored XSS.This issue affects Pushe Web Push Notification: from n/a through = 0.5.0...

5.9CVSS5.9AI score0.0017EPSS
Exploits0References1
CVE
CVE
added 2025/09/05 1:45 p.m.13 views

CVE-2025-58873

CVE-2025-58873 affects the WordPress plugin Pushe Web Push Notification (versions up to 0.5.0). The issue is a Stored XSS caused by improper input neutralization during web page generation, enabling XSS via user-supplied data. Public sources provide the root cause and affected versions but do not...

5.9CVSS5.9AI score0.0017EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/05 12:0 a.m.7 views

WordPress plugin Pushe Web Push Notification 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

5.9CVSS5.8AI score0.0017EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/06 2:18 a.m.17 views

CVE-2025-5924

The WP Firebase Push Notification plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.0. This is due to missing or incorrect nonce validation on the wfpnbrodcastnotificationmessage function. This makes it possible for unauthenticated attacker...

4.3CVSS6.1AI score0.00133EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/04 1:44 a.m.4 views

CVE-2025-5924 WP Firebase Push Notification <= 1.2.0 - Cross-Site Request Forgery to Broadcast Notification

The WP Firebase Push Notification plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.0. This is due to missing or incorrect nonce validation on the wfpnbrodcastnotificationmessage function. This makes it possible for unauthenticated attacker...

4.3CVSS6AI score0.00133EPSS
Exploits0References2
CVE
CVE
added 2025/07/04 1:44 a.m.28 views

CVE-2025-5924

CVE-2025-5924 concerns the WP Firebase Push Notification WordPress plugin (versions

4.3CVSS6.1AI score0.00133EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/07/04 12:0 a.m.6 views

PT-2025-27841 · WordPress · Wp Firebase Push Notification

Name of the Vulnerable Software and Affected Versions: WP Firebase Push Notification plugin for WordPress versions prior to 1.2.1 Description: The issue is due to missing or incorrect nonce validation on the wfpn brodcast notification message function, making it possible for unauthenticated...

4.3CVSS6AI score0.00133EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/07/04 12:0 a.m.3 views

WordPress plugin WP Firebase Push Notification 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

4.3CVSS6.4AI score0.00133EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 5:10 a.m.7 views

CVE-2023-32688

parse-server-push-adapter is the official Push Notification adapter for Parse Server. The Parse Server Push Adapter can crash Parse Server due to an invalid push notification payload. This issue has been patched in version 4.1.3...

7.5CVSS6.8AI score0.009EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:15 a.m.8 views

CVE-2022-45169

An issue was discovered in LIVEBOX Collaboration vDesk through v031. A URL Redirection to an Untrusted Site Open Redirect can occur under the /api/v1/notification/createnotification endpoint, allowing an authenticated user to send an arbitrary push notification to any other user of the system. Th...

5.9CVSS6.8AI score0.00265EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:41 p.m.6 views

CVE-2020-1387

An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'...

7.8CVSS7AI score0.00762EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 5:39 p.m.10 views

CVE-2020-1137

An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'...

7.8CVSS7AI score0.00821EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:4 p.m.7 views

CVE-2020-1017

An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0940, CVE-2020-1001, CVE-2020-1006...

7.8CVSS6.6AI score0.00856EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:4 p.m.5 views

CVE-2020-1016

An information disclosure vulnerability exists when the Windows Push Notification Service improperly handles objects in memory, aka 'Windows Push Notification Service Information Disclosure Vulnerability'...

5.5CVSS6.2AI score0.01277EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:3 p.m.8 views

CVE-2020-1001

An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0940, CVE-2020-1006, CVE-2020-1017...

7.8CVSS6.6AI score0.00856EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:3 p.m.10 views

CVE-2020-0940

An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1001, CVE-2020-1006, CVE-2020-1017...

7.8CVSS6.6AI score0.00856EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:50 p.m.6 views

CVE-2020-1006

An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0940, CVE-2020-1001, CVE-2020-1017...

7.8CVSS7AI score0.00856EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/18 4:3 p.m.13 views

CVE-2025-48127

Missing Authorization vulnerability in App Cheap Push notification for Mobile and Web app push-notification-mobile-and-web-app allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Push notification for Mobile and Web app: from n/a through = 2.0.3...

6.5CVSS7.2AI score0.00214EPSS
Exploits0References1
Rows per page
Query Builder