Skip to main content

Onesignal Free Web Push Notifications

1 CVEs product

Monthly

CVE-2019-15827 MEDIUM POC This Month

The onesignal-free-web-push-notifications plugin before 1.17.8 for WordPress has XSS via the subdomain parameter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Onesignal Free Web Push Notifications
NVD
CVSS 3.0
5.4
EPSS
1.1%
EPSS 1% CVSS 5.4
MEDIUM POC This Month

The onesignal-free-web-push-notifications plugin before 1.17.8 for WordPress has XSS via the subdomain parameter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Onesignal Free Web Push Notifications
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy