CVE-2025-32540
- EPSS 0.14%
- Veröffentlicht 17.04.2025 15:47:35
- Zuletzt bearbeitet 15.04.2026 00:35:42
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in feedify Feedify – Web Push Notifications push-notification-by-feedify allows Reflected XSS.This issue affects Feedify – Web Push Notifications: from...
CVE-2024-13874
- EPSS 0.2%
- Veröffentlicht 10.04.2025 06:00:05
- Zuletzt bearbeitet 30.04.2025 19:12:18
The Feedify WordPress plugin before 2.4.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
CVE-2024-11811
- EPSS 0.96%
- Veröffentlicht 20.12.2024 23:15:05
- Zuletzt bearbeitet 15.04.2026 00:35:42
The Feedify – Web Push Notifications plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'platform', 'phone', 'email', and 'store_url' parameters. in all versions up to, and including, 2.4.2 due to insufficient input sanitiza...
CVE-2021-38352
- EPSS 0.21%
- Veröffentlicht 10.09.2021 14:15:10
- Zuletzt bearbeitet 21.11.2024 06:16:52
The Feedify – Web Push Notifications WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the feedify_msg parameter found in the ~/includes/base.php file which allows attackers to inject arbitrary web scripts, in versions up to and in...