Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2026/03/11 12:31 p.m.1 views

EUVD-2026-11134

WordPress core is vulnerable to unauthorized access in versions 6.9 through 6.9.1. The Notes feature block-level collaboration annotations was introduced in WordPress 6.9 to allow editorial comments directly on posts in the block editor. However, the REST API createitempermissionscheck method in...

4.3CVSS5.8AI score0.0003EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/02/04 1:20 p.m.3 views

CVE-2026-1447

The Mail Mint plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.19.2. This is due to missing nonce validation on the createorupdatenote function. This makes it possible for unauthenticated attackers to create or update contact notes via a...

5.4CVSS5.3AI score0.00011EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/04/10 12:0 a.m.6 views

PT-2024-21369 · Enpass · Enpass Password Manager Desktop Client

Name of the Vulnerable Software and Affected Versions: Enpass Password Manager Desktop Client version 6.9.2 Description: The issue allows attackers to run arbitrary HTML code via the creation of a crafted note, potentially leading to HTML injection. This can occur in the Enpass Password Manager...

8.8CVSS7.7AI score0.00188EPSS
Exploits0References5
NVD
NVDadded 2023/08/04 4:15 p.m.9 views

CVE-2023-38487

HedgeDoc is software for creating real-time collaborative markdown notes. Prior to version 1.9.9, the API of HedgeDoc 1 can be used to create notes with an alias matching the ID of existing notes. The affected existing note can then not be accessed anymore and is effectively hidden by the new one...

8.2CVSS6.9AI score0.00095EPSS
Exploits1References2
CVE
CVEadded 2023/08/04 3:40 p.m.2494 views

CVE-2023-38487

CVE-2023-38487 – HedgeDoc : Prior to 1.9.9, the HedgeDoc API allows creating a note with an alias equal to an existing note ID via POST /new/ when freeURL is enabled. The system does not verify the alias against existing IDs, so a new note can shadow the original; access may be redirected to the ...

8.2CVSS7.2AI score0.00095EPSS
Exploits1References2Affected Software1
OSV
OSVadded 2023/08/04 3:40 p.m.13 views

CVE-2023-38487 HedgeDoc API allows to hide existing notes

HedgeDoc is software for creating real-time collaborative markdown notes. Prior to version 1.9.9, the API of HedgeDoc 1 can be used to create notes with an alias matching the ID of existing notes. The affected existing note can then not be accessed anymore and is effectively hidden by the new one...

6.5CVSS8AI score0.00095EPSS
Exploits1References4
OpenVAS
OpenVASadded 2009/02/27 12:0 a.m.9 views

Fedora Update for xfce4-notes-plugin FEDORA-2007-4368

Check for the Version of xfce4-notes-plugin OpenVAS Vulnerability Test Fedora Update for xfce4-notes-plugin FEDORA-2007-4368 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

7.4AI score
Exploits0References2
Rows per page
Query Builder