The DVS Custom Notification plugin 1.0.1 and earlier for WordPress had multiple security vulnerabilities which allowed remote attackers to gain access to administrator authentication. This access could be used to change application settings or to perform Cross-Site Scripting (XSS) attacks.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
