48 matches found
CVE-2022-0211
The Shield Security WordPress plugin before 13.0.6 does not sanitise and escape admin notes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
Exploit for SQL Injection in Djangoproject Django
CTF Challenge: Django ORM Injection CVE-2025-64459 Catego...
EUVD-2018-3135
Malware in sbrugna...
EUVD-2023-12531
Malicious code in bioql PyPI...
EUVD-2022-15413
Malicious code in bioql PyPI...
EUVD-2025-28159
Malicious code in bioql PyPI...
EUVD-2025-17150
Malicious code in bioql PyPI...
CVE-2025-9228 Insufficient authorization when creating notes
MiR software versions prior to version 3.0.0 have insufficient authorization controls when creating text notes, allowing low-privilege users to create notes which are intended only for administrative users...
CVE-2025-9228 Insufficient authorization when creating notes
MiR software versions prior to version 3.0.0 have insufficient authorization controls when creating text notes, allowing low-privilege users to create notes which are intended only for administrative users...
CVE-2025-9228
MiR software (versions prior to 3.0.0) has insufficient authorization controls when creating text notes, allowing low-privilege users to create notes intended for administrators. Root cause: authorization gap in text-note creation. Impact: potential integrity concerns within text notes; CVSS-A/I ...
Mobile Industrial Robots MiR Robots 安全漏洞
Mobile Industrial Robots MiR Robots is an autonomous mobile robot from Mobile Industrial Robots, Denmark. A security vulnerability exists in Mobile Industrial Robots MiR Robots versions prior to 3.0.0, which stems from insufficient authorization controls and could allow a low-privileged user to...
PT-2025-34027 · Mir · Mir
Name of the Vulnerable Software and Affected Versions: MiR software versions prior to 3.0.0 Description: MiR software versions prior to 3.0.0 have insufficient authorization controls when creating text notes, allowing low-privilege users to create notes intended only for administrative users...
CVE-2025-49446
Cross-Site Request Forgery CSRF vulnerability in minhlaobao Admin Notes admin-note allows Cross Site Request Forgery.This issue affects Admin Notes: from n/a through = 1.1...
CVE-2025-49446
Cross-Site Request Forgery CSRF vulnerability in minhlaobao Admin Notes admin-note allows Cross Site Request Forgery.This issue affects Admin Notes: from n/a through = 1.1...
CVE-2025-49446 WordPress Admin Notes plugin <=1.1 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in minhlaobao Admin Notes admin-note allows Cross Site Request Forgery.This issue affects Admin Notes: from n/a through = 1.1...
CVE-2025-49446 WordPress Admin Notes <=1.1 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in minhlaobao Admin Notes allows Cross Site Request Forgery. This issue affects Admin Notes: from n/a through 1.1...
CVE-2025-49446
CVE-2025-49446 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Admin Notes (minhlaobao). Affected range: Admin Notes 1.1 and earlier (n/a through 1.1). According to the initial description, the CVSS 3.1 vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N wit...
WordPress plugin Admin Notes 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
PT-2025-24268 · Unknown · Minhlaobao Admin Notes
Name of the Vulnerable Software and Affected Versions: minhlaobao Admin Notes versions n/a through 1.1 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Cross Site Request Forgery. Recommendations: For versions n/a through 1.1, update to a version that includes...
CVE-2025-48239
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Product Notes Tab & Private Admin Notes for WooCommerce product-notes-for-woocommerce allows Stored XSS.This issue affects Product Notes Tab & Private Admin Notes for WooCommerce: from n/...