Webpushr Web Push Notifications — known CVE vulnerabilities
Every CVE whose affected-product data names Webpushr Web Push Notifications, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2023-35041 — CVSS 8.8 (high): Cross-Site Request Forgery (CSRF) vulnerability leading to Local File Inclusion (LF) in Webpushr Web Push Notifications Web Push…
CVE-2023-5620 — CVSS 5.4 (medium): The Web Push Notifications WordPress plugin before 4.35.0 does not prevent visitors on the site from changing some of the plugin options…