Wpdeveloper Notificationx — known CVE vulnerabilities
Every CVE whose affected-product data names Wpdeveloper Notificationx, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-0349 — CVSS 9.8 (critical): The NotificationX WordPress plugin before 2.3.9 does not sanitise and escape the nx_id parameter before using it in a SQL statement…
CVE-2024-1698 — CVSS 9.8 (critical): The NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor plugin for WordPress is…
CVE-2025-22683 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper NotificationX…
CVE-2020-36744 — CVSS 4.3 (medium): The NotificationX plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.2. This is due to…