CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Missing Authorization vulnerability in CodeSolz Ultimate Push Notifications ultimate-push-notifications allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Push Notifications: from n/a through = 1.2.0...

6.5CVSS5.9AI score0.00298EPSS

Exploits0References1

NVD•added 2025/07/16 12:15 p.m.•4 views

CVE-2025-50028

6.5CVSS0.00298EPSS

Exploits0References1

CNNVD•added 2025/07/16 12:0 a.m.•2 views

WordPress plugin Ultimate Push Notifications 安全漏洞

WordPress Ultimate Push Notifications is a plugin that is mainly used to implement real-time push functionality in WordPress websites, supporting sending desktop and mobile device notifications to users. WordPress Ultimate Push Notifications suffers from a lack of authorization vulnerability, no...

6.5CVSS6.8AI score0.00298EPSS

Exploits0References1

Positive Technologies•added 2025/07/16 12:0 a.m.•2 views

PT-2025-29810 · Unknown · Codesolz Ultimate Push Notifications

Name of the Vulnerable Software and Affected Versions: CodeSolz Ultimate Push Notifications versions through 1.1.9 Description: The software contains a missing authorization flaw due to incorrectly configured access control security levels. Recommendations: Update CodeSolz Ultimate Push...

6.5CVSS6.3AI score0.00298EPSS

Exploits0References4

RedhatCVE•added 2025/04/03 9:36 p.m.•6 views

CVE-2025-31561

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CodeSolz Ultimate Push Notifications ultimate-push-notifications allows SQL Injection.This issue affects Ultimate Push Notifications: from n/a through = 1.2.0...

8.5CVSS7.3AI score0.00117EPSS

Exploits0References1

RedhatCVE•added 2025/04/03 9:35 p.m.•6 views

CVE-2025-31548

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodeSolz Ultimate Push Notifications ultimate-push-notifications allows Reflected XSS.This issue affects Ultimate Push Notifications: from n/a through = 1.2.0...

7.1CVSS7.2AI score0.0027EPSS

Exploits0References1

NVD•added 2025/04/01 9:15 p.m.•9 views

CVE-2025-31561

8.5CVSS0.00117EPSS

Exploits0References1

NVD•added 2025/04/01 9:15 p.m.•6 views

CVE-2025-31548

7.1CVSS0.0027EPSS

Exploits0References1

Cvelist•added 2025/04/01 8:58 p.m.•14 views

CVE-2025-31561 WordPress Ultimate Push Notifications plugin <= 1.2.0 - SQL Injection vulnerability

8.5CVSS0.00117EPSS

Exploits0References1

Vulnrichment•added 2025/04/01 8:58 p.m.•5 views

CVE-2025-31561 WordPress Ultimate Push Notifications plugin <= 1.1.8 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in M. Tuhin Ultimate Push Notifications allows SQL Injection. This issue affects Ultimate Push Notifications: from n/a through 1.1.8...

8.5CVSS7.9AI score0.00117EPSS

Exploits0References1

Vulnrichment•added 2025/04/01 8:58 p.m.•5 views

CVE-2025-31548 WordPress Ultimate Push Notifications plugin <= 1.1.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in M. Tuhin Ultimate Push Notifications allows Reflected XSS. This issue affects Ultimate Push Notifications: from n/a through 1.1.8...

7.1CVSS7.2AI score0.0027EPSS

Exploits0References1

CVE•added 2025/04/01 8:58 p.m.•50 views

CVE-2025-31548

The CVE-2025-31548 entry affects Ultimate Push Notifications (WordPress) up to version 1.1.8, with a Reflected XSS vulnerability in input handling during web page generation. The vulnerability is described as XSS in the plugin, but exploitation status and a mitigation/fix are not provided in the ...

7.1CVSS7.2AI score0.0027EPSS

Exploits0References1

Cvelist•added 2025/04/01 8:58 p.m.•14 views

CVE-2025-31548 WordPress Ultimate Push Notifications plugin <= 1.2.0 - Reflected Cross Site Scripting (XSS) vulnerability

7.1CVSS0.0027EPSS

Exploits0References1

CNNVD•added 2025/04/01 12:0 a.m.•2 views

WordPress plugin Ultimate Push Notifications 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS6.9AI score0.0027EPSS

Exploits0References2

Positive Technologies•added 2025/04/01 12:0 a.m.•2 views

PT-2025-14427 · Unknown · M. Tuhin Ultimate Push Notifications

Name of the Vulnerable Software and Affected Versions: M. Tuhin Ultimate Push Notifications versions n/a through 1.1.8 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection...

8.5CVSS9AI score0.00117EPSS

Exploits0References6

Positive Technologies•added 2025/04/01 12:0 a.m.•2 views

PT-2025-14421 · Unknown · M. Tuhin Ultimate Push Notifications

Name of the Vulnerable Software and Affected Versions: M. Tuhin Ultimate Push Notifications versions 1.1.8 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This means an attack...

7.1CVSS7.2AI score0.0027EPSS

Exploits0References5

CNNVD•added 2025/04/01 12:0 a.m.•1 views

WordPress plugin Ultimate Push Notifications SQL注入漏洞

8.5CVSS9AI score0.00117EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by