CVE-2025-13950 — The OneSignal – Web Push Notifications plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the settings handling functionality in all versions — CVE Database · The Intelligence Room