cleantalk
Vulnerabilities and Security Researches

Ultimate Push Notifications ( Mobile / Desktop ), Receive Notification From WooCommerce, BuddyPress, WordPress Default Events &, CVE-2025-50028

CVE, Research URL

CVE-2025-50028

Home page URL

Security reports for Ultimate Push Notifications ( Mobile / Desktop ), Receive Notification From WooCommerce, BuddyPress, WordPress Default Events &

Application

Ultimate Push Notifications ( Mobile / Desktop ), Receive Notification From WooCommerce, BuddyPress, WordPress Default Events &

Published on
Jul 16, 2025
Research Description
Missing Authorization vulnerability in CodeSolz Ultimate Push Notifications allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ultimate Push Notifications: from n/a through 1.1.9.
Affected versions
Min -, max 1.1.9.
Status
vulnerable
Previous vulnerability researches
Ultimate Push Notifications ( Mobile / Desktop ), Receive Notification From WooCommerce, BuddyPress, WordPress Default Events & (CVE-2025-50028) , Jul 19, 2025
Ultimate Push Notifications ( Mobile / Desktop ), Receive Notification From WooCommerce, BuddyPress, WordPress Default Events & (CVE-2025-31561) , Apr 03, 2025
Ultimate Push Notifications ( Mobile / Desktop ), Receive Notification From WooCommerce, BuddyPress, WordPress Default Events & (CVE-2025-31548) , Apr 03, 2025
New vulnerability
DB Backup (CVE-2025-50031) , Jul 19, 2025
Vchasno Kasa (CVE-2025-6720) , Jul 19, 2025
Vchasno Kasa (CVE-2025-6721) , Jul 19, 2025
Media Library Assistant (CVE-2025-7035) , Jul 19, 2025
Wallet System for WooCommerce – Digital Wallet, Cashback Rewards, Recharge User Wallets, View Transaction History (CVE-2025-54041) , Jul 19, 2025