WordPress Feedify - Web Push Notifications plugin < 2.4.6 - Reflected XSS vulnerability

WordPress Feedify - Web Push Notifications plugin 2.4.6 - Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Feedify – Web Push Notifications versions 2.4.6...

EUVD-2021-24805

Malware in sbrugna...

EUVD-2025-10490

Malicious code in bioql PyPI...

EUVD-2025-11672

Malicious code in bioql PyPI...

CVE-2024-11811

The Feedify – Web Push Notifications plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'platform', 'phone', 'email', and 'storeurl' parameters. in all versions up to, and including, 2.4.2 due to insufficient input sanitization and output escaping. This makes it possible...

CVE-2025-32540

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in feedify Feedify – Web Push Notifications push-notification-by-feedify allows Reflected XSS.This issue affects Feedify – Web Push Notifications: from n/a through = 2.4.5...

CVE-2025-32540

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in feedify Feedify – Web Push Notifications push-notification-by-feedify allows Reflected XSS.This issue affects Feedify – Web Push Notifications: from n/a through = 2.4.5...

CVE-2025-32540 WordPress Feedify – Web Push Notifications plugin <= 2.4.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in feedify Feedify – Web Push Notifications push-notification-by-feedify allows Reflected XSS.This issue affects Feedify – Web Push Notifications: from n/a through = 2.4.5...

CVE-2025-32540

CVE-2025-32540 refers to a Reflected Cross-Site Scripting (XSS) vulnerability in the Feedify – Web Push Notifications WordPress plugin, affecting versions up to and including 2.4.5. Root cause: improper input neutralization during web page generation leading to reflected XSS. CVSS v3.1 base score...

WordPress plugin Feedify – Web Push Notifications 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...

PT-2025-17107 · Unknown · Feedify – Web Push Notifications

Name of the Vulnerable Software and Affected Versions: Feedify – Web Push Notifications versions n/a through 2.4.5 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, which allows Reflected XSS. This means that ...

CVE-2024-13874

The Feedify WordPress plugin before 2.4.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-13874

The Feedify WordPress plugin before 2.4.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-13874

The Feedify WordPress plugin before 2.4.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-13874

The Feedify WordPress plugin before 2.4.6 is vulnerable to a Reflected Cross-Site Scripting attack because it does not sanitise and escape a parameter before outputting it back on the page, potentially affecting high-privilege users such as admins. Affected component is the output path handling t...

CVE-2024-13874 Feedify – Web Push Notifications < 2.4.6 - Reflected XSS

The Feedify WordPress plugin before 2.4.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

WordPress plugin Feedify 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2025-15916 · WordPress · Fedify

Name of the Vulnerable Software and Affected Versions: Feedify WordPress plugin versions prior to 2.4.6 Description: The issue is related to a Reflected Cross-Site Scripting problem, where a parameter is not properly sanitized and escaped before being outputted back in the page. This could be...

CVE-2024-11811

The Feedify – Web Push Notifications plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'platform', 'phone', 'email', and 'storeurl' parameters. in all versions up to, and including, 2.4.2 due to insufficient input sanitization and output escaping. This makes it possible...

CVE-2024-11811 Feedify – Web Push Notifications <= 2.4.2 - Reflected Cross-Site Scripting

The Feedify – Web Push Notifications plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'platform', 'phone', 'email', and 'storeurl' parameters. in all versions up to, and including, 2.4.2 due to insufficient input sanitization and output escaping. This makes it possible...