CVE-2026-7047
CVE-2026-7047 concerns the WordPress plugin Frontend User Notes up to version 2.1.1. The vulnerability is a Cross-Site Request Forgery (CSRF) stemming from missing or incorrect nonce validation in the funp_ajax_modify_notes function. This allows an unauthenticated attacker to lure a logged-in use...