Wpfront ≫ Wpfront Notification Bar

2 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.

4.8

CVE-2024-0625

EPSS 0.16%
Published 25.01.2024 03:15:07
Last modified 29.05.2025 16:15:31

The WPFront Notification Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wpfront-notification-bar-options[custom_class]’ parameter in all versions up to, and including, 3.3.2 due to insufficient input sanitization and o...

5.4

CVE-2021-24601

Exploit

EPSS 0.16%
Published 06.09.2021 11:15:08
Last modified 21.11.2024 05:53:23

The WPFront Notification Bar WordPress plugin before 2.1.0.08087 does not properly sanitise and escape its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...