WordPress Post Status Notifier Lite <1.10.1 - Cross-Site Scripting

WordPress Post Status Notifier Lite plugin before 1.10.1 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the...

[SECURITY] Fedora 44 Update: kf6-kstatusnotifieritem-6.25.0-1.fc44

Implementation of Status Notifier Items...

CVE-2025-13521

The WP Status Notifier plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to update the plugin...

CVE-2025-13521

WP Status Notifier is vulnerable to CSRF due to missing/incorrect nonce validation on the settings update function, enabling unauthenticated attackers to change plugin settings by decep­tively prompting an admin (e.g., via forged link). The CVE entry lists a CVSS v3.1 base score of 4.3 (Medium) w...

CVE-2025-13521 WP Status Notifier <= 1.0 - Cross-Site Request Forgery to Settings Update

The WP Status Notifier plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to update the plugin...

WordPress plugin WP Status Notifier 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

PT-2026-1593

Name of the Vulnerable Software and Affected Versions WP Status Notifier plugin for WordPress versions prior to 1.1 Description The WP Status Notifier plugin for WordPress is susceptible to Cross-Site Request Forgery CSRF. This is caused by insufficient or incorrect nonce validation when updating...

WordPress WP Status Notifier plugin <= 1.0 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin WP Status Notifier versions = 1.0...

[SECURITY] Fedora 43 Update: kf6-kstatusnotifieritem-6.20.0-2.fc43

Implementation of Status Notifier Items...

CVE-2024-10048

The Post Status Notifier Lite and Premium plugins for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘page’ parameter in all versions up to, and including, 1.11.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

CVE-2023-47766

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Timo Reith Post Status Notifier Lite plugin = 1.11.0 versions...

CVE-2024-10048

CVE-2024-10048 affects the WordPress plugins Post Status Notifier Lite and Premium up to version 1.11.6, with a Reflected Cross-Site Scripting via the ‘page’ parameter caused by insufficient input sanitization and output escaping. An unauthenticated attacker could inject web scripts into pages ex...

WordPress Post Status Notifier Premium plugin <= 1.11.6 - Reflected Cross-Site Scripting via page vulnerability

Reflected Cross-Site Scripting via page vulnerability discovered by Colin Xu in WordPress Plugin Post Status Notifier Premium versions = 1.11.6...

WordPress Post Status Notifier Lite plugin <= 1.11.6 - Reflected Cross-Site Scripting via page vulnerability

Reflected Cross-Site Scripting via page vulnerability discovered by Colin Xu in WordPress Plugin Post Status Notifier Lite versions = 1.11.6...

PT-2024-15995 · WordPress · Post Status Notifier Lite +1

Name of the Vulnerable Software and Affected Versions: Post Status Notifier Lite and Premium plugins for WordPress versions up to, and including, 1.11.6 Description: The issue is related to Reflected Cross-Site Scripting via the page parameter due to insufficient input sanitization and output...

WordPress Post Status Notifier Lite Plugin <= 1.11.6 is vulnerable to Cross Site Scripting (XSS)

Software Post Status Notifier Lite Type Plugin Vulnerable versions = 1.11.6 Fixed in 1.11.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10048 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fa83a961050b Credits Colin...

WordPress Post Status Notifier Premium Plugin <= 1.11.6 is vulnerable to Cross Site Scripting (XSS)

Software Post Status Notifier Premium Type Plugin Vulnerable versions = 1.11.6 Fixed in 1.11.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10048 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5dcdb37cb71e Credits...

CVE-2023-47766

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Timo Reith Post Status Notifier Lite plugin = 1.11.0 versions...

CVE-2023-47766

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Timo Reith Post Status Notifier Lite plugin = 1.11.0 versions...

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Timo Reith Post Status Notifier Lite plugin = 1.11.0 versions...