Notification Bar for WordPress <= 1.1.8 – Unauthenticated Subscriber Data Disclosure

Description The plugin exposes an unauthenticated CSV export script that discloses all stored subscriber emails. https://example.com/wp-content/plugins/8-degree-notification-bar/inc/backend/blocks/export-csv.php...

CVE-2025-62993 WordPress Notification for Telegram plugin <= 3.5.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in rainafarai Notification for Telegram notification-for-telegram allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notification for Telegram: from n/a through = 3.5.1...

EUVD-2023-56093

Malicious code in bioql PyPI...

EUVD-2025-26956

Malicious code in bioql PyPI...

EUVD-2024-36755

Malicious code in bioql PyPI...

CVE-2025-58821

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdever WP Notification Bell wp-notification-bell allows Stored XSS.This issue affects WP Notification Bell: from n/a through = 1.4.6...

CVE-2025-58821

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdever WP Notification Bell wp-notification-bell allows Stored XSS.This issue affects WP Notification Bell: from n/a through = 1.4.6...

CVE-2024-37556

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in SeedProd WordPress Notification Bar allows Stored XSS.This issue affects WordPress Notification Bar: from n/a through 1.3.10...

CVE-2023-51372

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HasThemes HashBar – WordPress Notification Bar allows Stored XSS.This issue affects HashBar – WordPress Notification Bar: from n/a through 1.4.1...

WordPress Notification for Telegram Plugin <= 3.3.1 is vulnerable to Broken Access Control

Software Notification for Telegram Type Plugin Vulnerable versions = 3.3.1 Fixed in 3.3.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9685 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4b8ba917ec79 Credits István Márton Requir...

CVE-2024-37556

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in SeedProd WordPress Notification Bar allows Stored XSS.This issue affects WordPress Notification Bar: from n/a through 1.3.10...

CVE-2024-37556

CVE-2024-37556 is an Stored XSS in SeedProd WordPress Notification Bar. The vulnerability stems from improper input neutralization during web page generation, affecting WordPress Notification Bar versions n/a–1.3.10. Exploitation requires authenticated access and user interaction (UI:R) with netw...

WordPress WordPress Notification Bar Plugin <= 1.3.10 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Notification Bar Type Plugin Vulnerable versions = 1.3.10 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37556 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID b8739a663b5e Credits Sharanabasappa Required...

CVE-2023-51372

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HasThemes HashBar – WordPress Notification Bar allows Stored XSS.This issue affects HashBar – WordPress Notification Bar: from n/a through 1.4.1...

CVE-2023-51372

CVE-2023-51372 is a stored XSS vulnerability in the HashBar – WordPress Notification Bar plugin for WordPress. The issue affects HashBar versions up to 1.4.1 (from n/a through 1.4.1) and is caused by improper input neutralization during web page generation. The vulnerability is listed as patched ...

WordPress Notification Plugin <= 6.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Notification Type Plugin Vulnerable versions = 6.0.4 Fixed in 6.1.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 58552eb21f66 Credits Rafie Muhammad Patchstack Required...

WordPress WordPress Notification Bar Plugin - TinyBar Plugin <= 2.1 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Notification Bar Plugin - TinyBar Type Plugin Vulnerable versions = 2.1 Fixed in 2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2bc5afc6df48 Credits Rafie...