CVE-2023-5620

Summary

The Web Push Notifications WordPress plugin before 4.35.0 does not prevent visitors on the site from changing some of the plugin options, some of which may be used to conduct Stored XSS attacks.

Affected Software

VendorProductVersion RangeStatus
UnknownWeb Push Notifications0 < 4.35.0affected

Weaknesses

  • CWE-79 Cross-Site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References