4 matches found
CVE-2021-39340
The Notification WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /src/classes/Utils/Settings.php file which made it possible for attackers with administrative user access to inject arbitrary we...
CVE-2021-39340
The Notification WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /src/classes/Utils/Settings.php file which made it possible for attackers with administrative user access to inject arbitrary we...
CVE-2021-39340 Notification – Custom Notifications and Alerts for WordPress <= 7.2.4 Authenticated Stored Cross-Site Scripting
The Notification WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /src/classes/Utils/Settings.php file which made it possible for attackers with administrative user access to inject arbitrary we...
CVE-2021-39340
The WordPress Notification plugin is affected by CVE-2021-39340 (up to v7.2.4). The vulnerability is a Stored Cross-Site Scripting (XSS) due to insufficient input validation/sanitization in multiple parameters within Settings.php, exploitable by attackers with administrative access on multi-site ...