Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/17 9:4 p.m.32 views

CVE-2023-7239

The WP Dashboard Notes WordPress plugin before 1.0.11 does not validate that the user has access to the postid parameter in its wpdnupdatenote AJAX action. This allows users with a role of contributor and above to update notes created by other users...

7.5CVSS6.7AI score0.00456EPSS
Exploits2References3
NVD
NVD
added 2025/05/15 8:15 p.m.12 views

CVE-2023-7239

The WP Dashboard Notes WordPress plugin before 1.0.11 does not validate that the user has access to the postid parameter in its wpdnupdatenote AJAX action. This allows users with a role of contributor and above to update notes created by other users...

7.5CVSS0.00456EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2025/05/15 8:9 p.m.12 views

CVE-2023-7239 wp-dashboard-notes < 1.0.11 - Contributor+ Arbitrary Private Notes Update via IDOR

The WP Dashboard Notes WordPress plugin before 1.0.11 does not validate that the user has access to the postid parameter in its wpdnupdatenote AJAX action. This allows users with a role of contributor and above to update notes created by other users...

7.5AI score0.00456EPSS
Exploits2References1
Cvelist
Cvelist
added 2025/05/15 8:9 p.m.15 views

CVE-2023-7239 wp-dashboard-notes < 1.0.11 - Contributor+ Arbitrary Private Notes Update via IDOR

The WP Dashboard Notes WordPress plugin before 1.0.11 does not validate that the user has access to the postid parameter in its wpdnupdatenote AJAX action. This allows users with a role of contributor and above to update notes created by other users...

0.00456EPSS
Exploits2References1
Patchstack
Patchstack
added 2024/01/29 12:0 a.m.13 views

WordPress WP Dashboard Notes Plugin < 1.0.11 is vulnerable to Broken Access Control

Software WP Dashboard Notes Type Plugin Vulnerable versions 1.0.11 Fixed in 1.0.11 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-7239 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 48978b33e0d8 Credits Pedro Cuco Illex Required...

6.6AI score0.00456EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder