EUVD-2024-36760

Malicious code in bioql PyPI...

EUVD-2024-40218

Malicious code in bioql PyPI...

CVE-2024-43326

Missing Authorization vulnerability in Jamie Bergen Plugin Notes Plus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Plugin Notes Plus: from n/a through 1.2.7...

CVE-2024-37561

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Jamie Bergen Plugin Notes Plus allows Stored XSS.This issue affects Plugin Notes Plus: from n/a through 1.2.6...

CVE-2024-43326

Missing Authorization vulnerability in Jamie Bergen Plugin Notes Plus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Plugin Notes Plus: from n/a through 1.2.7...

CVE-2024-43326 WordPress Plugin Notes Plus plugin <= 1.2.7 - Arbitrary Content Deletion vulnerability

Missing Authorization vulnerability in Jamie Bergen Plugin Notes Plus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Plugin Notes Plus: from n/a through 1.2.7...

CVE-2024-43326 WordPress Plugin Notes Plus plugin <= 1.2.7 - Arbitrary Content Deletion vulnerability

Missing Authorization vulnerability in Jamie Bergen Plugin Notes Plus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Plugin Notes Plus: from n/a through 1.2.7...

CVE-2024-43326

CVE-2024-43326 affects Plugin Notes Plus for WordPress (Jamie Bergen). It is a Missing Authorization vulnerability that allows accessing functionality not properly constrained by ACLs, enabling (at least) arbitrary note deletion in Notes Plus

PT-2024-30493 · Unknown · Plugin Notes Plus

Name of the Vulnerable Software and Affected Versions: Plugin Notes Plus versions 1.2.7 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For Plugin Notes Plus versions...

WordPress plugin Plugin Notes Plus 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Plugin Notes Plus plugin <= 1.2.7 - Arbitrary Content Deletion vulnerability

Arbitrary Content Deletion vulnerability discovered by Trương Hữu Phúc Patchstack Alliance in WordPress Plugin Plugin Notes Plus versions = 1.2.7...

WordPress Plugin Notes Plus Plugin <= 1.2.7 is vulnerable to Arbitrary Content Deletion

Software Plugin Notes Plus Type Plugin Vulnerable versions = 1.2.7 Fixed in 1.2.8 OWASP Top 10 A1: Broken Access Control Classification Arbitrary Content Deletion CVE CVE-2024-43326 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 048345824ef6 Credits Trương Hữu Phúc...

CVE-2024-37561

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Jamie Bergen Plugin Notes Plus allows Stored XSS.This issue affects Plugin Notes Plus: from n/a through 1.2.6...

CVE-2024-37561 WordPress Plugin Notes Plus plugin <= 1.2.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Jamie Bergen Plugin Notes Plus allows Stored XSS.This issue affects Plugin Notes Plus: from n/a through 1.2.6...

CVE-2024-37561

CVE-2024-37561 is a Stored XSS in WordPress Plugin Notes Plus (Jamie Bergen). Affected: Plugin Notes Plus from n/a through 1.2.6. Root cause: Improper Neutralization of Input During Web Page Generation. CVSS 3.1 metrics: AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L with base score 5.9. Public references p...

WordPress Plugin Notes Plus plugin <= 1.2.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by justakazh Patchstack Alliance in WordPress Plugin Plugin Notes Plus versions = 1.2.6...

WordPress Plugin Notes Plus Plugin <= 1.2.6 is vulnerable to Cross Site Scripting (XSS)

Software Plugin Notes Plus Type Plugin Vulnerable versions = 1.2.6 Fixed in 1.2.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37561 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 1f66e01a6482 Credits justakazh Required privilege...

Quick Notes Plus 5.0 47 - Multiple DLL Loading Arbitrary Code Executions

// source: https://www.securityfocus.com/bid/45689/info Quick Notes Plus is prone to an arbitrary-code-execution vulnerability. Attackers can exploit this vulnerability to execute arbitrary code in the context of the user running the vulnerable application. Quick Notes Plus 5.0.0.47 is vulnerable...

Quick Notes Plus 5.0.0.47 DLL Hijacking

Quick Notes Plus v5.0 dll hijacking vulnerability software : QNPlus - http://www.conceptworld.com/redirect.asp?Product=QNP&Action=Home version : 5.0.0.47 author : d3c0der - [email protected] website : www.attackerz.ir Operating System : Windows XP Version 5.1 Service Pack 3 date : 5\1\2011 file...