CVE-2026-24536 WordPress Webpushr plugin <= 4.38.0 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in webpushr Webpushr webpushr-web-push-notifications allows Retrieve Embedded Sensitive Data.This issue affects Webpushr: from n/a through = 4.38.0...

WordPress Webpushr Plugin < 4.35.0 is vulnerable to Cross Site Scripting (XSS)

Software Webpushr Type Plugin Vulnerable versions 4.35.0 Fixed in 4.35.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5620 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 15644fc2ddd3 Credits Krzysztof Zając Required...

WordPress Webpushr Plugin <= 4.34.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Webpushr Type Plugin Vulnerable versions = 4.34.0 Fixed in 4.35.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-35041 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 5f64981a29ac Credits Theodoros Malachias...