47 matches found
CVE-2022-0211
The Shield Security WordPress plugin before 13.0.6 does not sanitise and escape admin notes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
Exploit for SQL Injection in Djangoproject Django
CTF Challenge: Django ORM Injection CVE-2025-64459 Catego...
EUVD-2018-3135
Malware in sbrugna...
EUVD-2025-28159
Malicious code in bioql PyPI...
EUVD-2022-15413
Malicious code in bioql PyPI...
EUVD-2025-17150
Malicious code in bioql PyPI...
EUVD-2023-12531
Malicious code in bioql PyPI...
CVE-2025-9228 Insufficient authorization when creating notes
MiR software versions prior to version 3.0.0 have insufficient authorization controls when creating text notes, allowing low-privilege users to create notes which are intended only for administrative users...
CVE-2025-9228
MiR software (versions prior to 3.0.0) has insufficient authorization controls when creating text notes, allowing low-privilege users to create notes intended for administrators. Root cause: authorization gap in text-note creation. Impact: potential integrity concerns within text notes; CVSS-A/I ...
CVE-2025-9228 Insufficient authorization when creating notes
MiR software versions prior to version 3.0.0 have insufficient authorization controls when creating text notes, allowing low-privilege users to create notes which are intended only for administrative users...
PT-2025-34027 · Mir · Mir
Name of the Vulnerable Software and Affected Versions: MiR software versions prior to 3.0.0 Description: MiR software versions prior to 3.0.0 have insufficient authorization controls when creating text notes, allowing low-privilege users to create notes intended only for administrative users...
Mobile Industrial Robots MiR Robots 安全漏洞
Mobile Industrial Robots MiR Robots is an autonomous mobile robot from Mobile Industrial Robots, Denmark. A security vulnerability exists in Mobile Industrial Robots MiR Robots versions prior to 3.0.0, which stems from insufficient authorization controls and could allow a low-privileged user to...
CVE-2025-49446
Cross-Site Request Forgery CSRF vulnerability in minhlaobao Admin Notes admin-note allows Cross Site Request Forgery.This issue affects Admin Notes: from n/a through = 1.1...
CVE-2025-49446
Cross-Site Request Forgery CSRF vulnerability in minhlaobao Admin Notes admin-note allows Cross Site Request Forgery.This issue affects Admin Notes: from n/a through = 1.1...
CVE-2025-49446 WordPress Admin Notes plugin <=1.1 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in minhlaobao Admin Notes admin-note allows Cross Site Request Forgery.This issue affects Admin Notes: from n/a through = 1.1...
CVE-2025-49446
CVE-2025-49446 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Admin Notes (minhlaobao). Affected range: Admin Notes 1.1 and earlier (n/a through 1.1). According to the initial description, the CVSS 3.1 vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N wit...
CVE-2025-49446 WordPress Admin Notes <=1.1 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in minhlaobao Admin Notes allows Cross Site Request Forgery. This issue affects Admin Notes: from n/a through 1.1...
PT-2025-24268 · Unknown · Minhlaobao Admin Notes
Name of the Vulnerable Software and Affected Versions: minhlaobao Admin Notes versions n/a through 1.1 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Cross Site Request Forgery. Recommendations: For versions n/a through 1.1, update to a version that includes...
WordPress plugin Admin Notes 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
CVE-2025-48239
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Product Notes Tab & Private Admin Notes for WooCommerce product-notes-for-woocommerce allows Stored XSS.This issue affects Product Notes Tab & Private Admin Notes for WooCommerce: from n/...