NotificationX – FOMO, Live Sales Notification, WooCommerce Sales Popup, GDPR, Social Proof, Announcement Banner & Floating Notification Bar

Vulnerabilities 15Slug notificationxLatest version 3.2.6WordPress.org →

Minimum safe version

3.2.2

Update to 3.2.2 or later to address 15 fixable vulnerabilities

Latest available3.2.6 ✓

N/A

2026-01-20< 3.2.1

NotificationX <= 3.1.11 - Missing Authorization to Authenticated (Contributor+) Analytics Reset

Wordfence CVE

Medium 5.3

2026-02-19< 3.2.2

CVE-2026-27042

CVE Wordfence

High 7.2

2026-01-20< 3.2.1

CVE-2025-15380

CVE Wordfence

Medium 6.5

2025-02-03< 3.0.0

CVE-2025-22683

CVE EUVD Wordfence

Medium 4.4

2024-12-12< 2.9.4

CVE-2024-11727

CVE Patchstack Wordfence

Critical 9.8

2024-02-27< 2.8.3

CVE-2024-1698

CVE Wordfence Patchstack WPScan

N/A

< 2.3.12

NotificationX < 2.3.12 - Unauthenticated SQLi

WPScan

Medium 4.3

2023-07-01< 1.8.3

CVE-2020-36744

CVE Wordfence WPScan

N/A

2023-06-07< 1.8.3

CVE-2021-4342

CVE

N/A

< 1.8.3

Various Affected Software (Various Versions) - Cross-Site Request Forgery Bypass

Wordfence

N/A

2022-02-28< 2.3.12

NotificationX <= 2.3.11 - SQL Injection

Wordfence

N/A

< 1.8.3

Multiple Plugins/Themes - Cross-Site Request Forgery (CSRF)

WPScan

N/A

2020-09-16< 1.8.3

WordPress NotificationX plugin <= 1.8.2 - Cross-Site Request Forgery (CSRF) vulnerability

Patchstack

N/A

2022-02-28< 2.3.12

WordPress NotificationX plugin <= 2.3.11 - Unauthenticated SQL Injection (SQLi) vulnerability

Patchstack

Critical 9.8

2022-03-07< 2.3.9

CVE-2022-0349

CVE Patchstack Wordfence WPScan