Does Notibar – Notification Bar for WordPress have any unpatched vulnerabilities?

No. All known vulnerabilities in Notibar – Notification Bar for WordPress have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Notibar – Notification Bar for WordPress compatible with WordPress 6.9.4?

According to WordPress.org data, Notibar – Notification Bar for WordPress 2.1.9 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Notibar – Notification Bar for WordPress compatible with PHP 5.3.1+?

Notibar – Notification Bar for WordPress requires PHP 5.3.1 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Notibar – Notification Bar for WordPress updated?

Notibar – Notification Bar for WordPress was last updated on Jan 26, 2026. Frequent updates are generally a positive security signal.

What is Notibar – Notification Bar for WordPress's security score?

Notibar – Notification Bar for WordPress has a WP-Safety security score of 98/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Notibar – Notification Bar for WordPress Security & Risk Analysis

wordpress.org/plugins/notibar

Customizer for sticky header, notification bar, alert, promo code, marketing campaign, top banner

8K active installs v2.1.9 PHP 5.3.1+ WP 4.0+ Updated Jan 26, 2026

announcementbannernotification-barnotificationstop-bar

A · Safe

CVEs total3

Unpatched0

Last CVEMar 5, 2025

Plugin page Download

Safety Verdict

Is Notibar – Notification Bar for WordPress Safe to Use in 2026?

Generally Safe

Score 98/100

Notibar – Notification Bar for WordPress has a strong security track record. Known vulnerabilities have been patched promptly.

3 known CVEsLast CVE: Mar 5, 2025Updated 2mo ago

Risk Assessment

The "notibar" plugin v2.1.9 presents a mixed security posture. On the positive side, static analysis reveals a lack of dangerous functions, no raw SQL queries, and a high percentage of properly escaped output. Furthermore, all identified entry points (AJAX handlers) are protected by nonce and capability checks, and there are no exposed REST API routes, shortcodes, or cron events, indicating a good understanding of secure development practices regarding access control and input sanitization at the entry point level. The taint analysis showing zero flows with unsanitized paths further bolsters this positive view.

Key Concerns

Vulnerability history includes medium severity XSS, Code Injection, and Missing
Bundled library Select2 may be outdated or vulnerable

Vulnerabilities

Notibar – Notification Bar for WordPress Security Vulnerabilities

CVEs by Year

2 CVEs in 2024

2024

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

3 total CVEs

CVE-2025-1672medium · 5.5Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Notibar <= 2.1.5 - Authenticated (Administrator+) Stored Cross-Site Scripting

Mar 5, 2025 Patched in 2.1.6 (1d)

CVE-2024-11012medium · 6.3Improper Control of Generation of Code ('Code Injection')

Notibar – Notification Bar for WordPress <= 2.1.4 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via njt_nofi_text

Dec 12, 2024 Patched in 2.1.5 (1d)

CVE-2024-54269medium · 4.3Missing Authorization

Notibar <= 2.1.4 - Missing Authorization via ajax_install_plugin

Dec 11, 2024 Patched in 2.1.5 (8d)

Code Analysis

Analyzed Mar 16, 2026

Notibar – Notification Bar for WordPress Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

137 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select2

Output Escaping

91% escaped151 total outputs

Attack Surface

Notibar – Notification Bar for WordPress Attack Surface

Entry Points3

Unprotected0

AJAX Handlers 3

authwp_ajax_njt_nofi_save_reviewincludes\NotificationBar\NotificationBarHandle.php:40

authwp_ajax_njt_nofi_textincludes\NotificationBar\WpCustomNotification.php:77

authwp_ajax_njt_nofi_query_page_postincludes\NotificationBar\WpPosts.php:21

WordPress Hooks 19

actioninitincludes\cross.php:52

actionadmin_noticesincludes\cross.php:58

actionwp_dashboard_setupincludes\cross.php:66

actionadmin_footerincludes\cross.php:67

actionplugins_loadedincludes\I18n.php:20

actionadmin_menuincludes\NotificationBar\NotificationBarHandle.php:31

actionwpincludes\NotificationBar\NotificationBarHandle.php:33

actionadmin_noticesincludes\NotificationBar\NotificationBarHandle.php:37

actionwp_enqueue_scriptsincludes\NotificationBar\NotificationBarHandle.php:43

filterplugin_action_links_notibar/njt-notification-bar.phpincludes\NotificationBar\NotificationBarHandle.php:44

actionwp_footerincludes\NotificationBar\NotificationBarHandle.php:304

actionwp_footerincludes\NotificationBar\NotificationBarHandle.php:308

actionwp_footerincludes\NotificationBar\NotificationBarHandle.php:309

actioncustomize_registerincludes\NotificationBar\WpCustomNotification.php:72

actioncustomize_controls_enqueue_scriptsincludes\NotificationBar\WpCustomNotification.php:73

actionwp_enqueue_scriptsincludes\NotificationBar\WpCustomNotification.php:74

actioncustomize_save_afterincludes\NotificationBar\WpCustomNotification.php:75

actionplugins_loadedincludes\Plugin.php:20

actionplugins_loadednjt-notification-bar.php:61

Maintenance & Trust

Notibar – Notification Bar for WordPress Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 26, 2026

PHP min version5.3.1

Downloads129K

Community Trust

Rating96/100

Number of ratings62

Active installs8K

Alternatives

Notibar – Notification Bar for WordPress Alternatives

Top Bar

top-bar

Simply the easiest way to add a topbar to your website. Create a notification bar in no-time and show a message and a button to your visitors.

20K 3 CVEs

Easy Notification Bar

easy-notification-bar

100

A simple plugin for displaying a notice at the top of your website that can be closed by the visitor. Completely free and minimal without any upsells.

9K No CVEs

Notification Bar, Announcement and Cookie Notice WordPress Plugin – FooBar

foobar-notifications-lite

100

Create unlimited notifications, announcements, or notices for your visitors

3K No CVEs

Announcement & Notification Banner – Bulletin

bulletin-announcements

Publish a slick announcement banner notice across your website or Woocommerce shop. Extend with icons, countdowns, placement rules and more!

2K 5 CVEs

Sticky Banner

sticky-banner

Create eye-catching announcement banners that stick to the top or bottom of your site. Perfect for promotions, alerts, and important updates.

600 1 CVE

Developer Profile

Notibar – Notification Bar for WordPress Developer Profile

Ninja Team

13 plugins · 496K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

93 days

View full developer profile

Detection Fingerprints

How We Detect Notibar – Notification Bar for WordPress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/notibar/assets/css/notibar-public.css/wp-content/plugins/notibar/assets/js/notibar-public.js/wp-content/plugins/notibar/assets/css/notibar-admin.css/wp-content/plugins/notibar/assets/js/notibar-admin.js

Script Paths

/wp-content/plugins/notibar/assets/js/notibar-public.js/wp-content/plugins/notibar/assets/js/notibar-admin.js

Version Parameters

notibar/assets/css/notibar-public.css?ver=notibar/assets/js/notibar-public.js?ver=notibar/assets/css/notibar-admin.css?ver=notibar/assets/js/notibar-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

njt-notification-bar-wrappernjt-notification-bar-contentnjt-notification-bar-closenotibar-preview-wrapper

HTML Comments

Data Attributes

data-njt-nofi-iddata-njt-nofi-previewdata-njt-nofi-type

JS Globals

njtNotificationBarDatanjtNotificationBarOptions

Shortcode Output

[njt_notification_bar]

FAQ