CVE-2025-22683 WordPress NotificationX plugin <= 2.9.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPDeveloper NotificationX notificationx allows Stored XSS.This issue affects NotificationX: from n/a through = 2.9.5...

WordPress NotificationX Plugin <= 2.8.2 is vulnerable to SQL Injection

Software NotificationX Type Plugin Vulnerable versions = 2.8.2 Fixed in 2.8.3 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-1698 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 7d9025b61012 Credits Krzysztof Zając Required privilege Unauthenticated...