4 matches found
CVE-2025-1672
The Notibar – Notification Bar for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-1672
creationtimestamp| type| source ---|---|--- 2025-03-06 09:37:52+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6658 2025-03-06 13:39:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ljpmlaxvn62o 2025-03-06 13:50:32+00:00| seen| https://t.me/cvedetector/19693 2025-03-08...
CVE-2025-1672 Notibar <= 2.1.5 - Authenticated (Administrator+) Stored Cross-Site Scripting
The Notibar – Notification Bar for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-1672
CVE-2025-1672 refers to Notibar – Notification Bar for WordPress, a stored XSS in admin settings affecting versions up to 2.1.5. The vulnerability requires authenticated attackers with administrator-level privileges (and above) and is limited to multisite setups or installs where unfiltered_html ...