4 matches found
CVE-2023-7198
The WP Dashboard Notes WordPress plugin before 1.0.11 is vulnerable to Insecure Direct Object References IDOR in postid= parameter. Authenticated users are able to delete private notes associated with different user accounts. This poses a significant security risk as it violates the principle of...
CVE-2023-7198
The WP Dashboard Notes WordPress plugin (versions
CVE-2023-7198 WPDashboardNotes < 1.0.11 - Unauthorised Deletion of Private Notes
The WP Dashboard Notes WordPress plugin before 1.0.11 is vulnerable to Insecure Direct Object References IDOR in postid= parameter. Authenticated users are able to delete private notes associated with different user accounts. This poses a significant security risk as it violates the principle of...
WordPress WP Dashboard Notes Plugin < 1.0.11 is vulnerable to Insecure Direct Object References (IDOR)
Software WP Dashboard Notes Type Plugin Vulnerable versions 1.0.11 Fixed in 1.0.11 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-7198 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 493c887865e6 Credits Pedro Cuco...