Exposure of OneSignal
A/B Testing, Marketing automation13
exposure score
41,815
sites use
0
exploited
0
critical
CVEs
3 resultsCVE-2023-28430HIGHOneSignal repository github action command injectionEPSS 0.9%CVE-2026-3155LOWOneSignal – Web Push Notifications <= 3.8.0 - Missing Authorization to Authenticated (Subscriber+) Post Meta Deletion via 'post_id'EPSS 0.3%CVE-2025-13950MEDIUMOneSignal – Web Push Notifications <= 3.6.1 - Missing Authorization to Unauthenticated Plugin Settings UpdateEPSS 0.3%
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →