Lucene search
K

4 matches found

NVD
NVD
added 2024/02/27 9:15 a.m.22 views

CVE-2023-7198

The WP Dashboard Notes WordPress plugin before 1.0.11 is vulnerable to Insecure Direct Object References IDOR in postid= parameter. Authenticated users are able to delete private notes associated with different user accounts. This poses a significant security risk as it violates the principle of...

4.3CVSS6.3AI score0.00402EPSS
Exploits2References1
CVE
CVE
added 2024/02/27 8:30 a.m.9169 views

CVE-2023-7198

The WP Dashboard Notes WordPress plugin (versions

4.3CVSS6.5AI score0.00402EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2024/02/27 8:30 a.m.25 views

CVE-2023-7198 WPDashboardNotes < 1.0.11 - Unauthorised Deletion of Private Notes

The WP Dashboard Notes WordPress plugin before 1.0.11 is vulnerable to Insecure Direct Object References IDOR in postid= parameter. Authenticated users are able to delete private notes associated with different user accounts. This poses a significant security risk as it violates the principle of...

6.6AI score0.00402EPSS
Exploits2References1
Patchstack
Patchstack
added 2024/02/27 12:0 a.m.17 views

WordPress WP Dashboard Notes Plugin < 1.0.11 is vulnerable to Insecure Direct Object References (IDOR)

Software WP Dashboard Notes Type Plugin Vulnerable versions 1.0.11 Fixed in 1.0.11 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-7198 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 493c887865e6 Credits Pedro Cuco...

6.5AI score0.00402EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder