CVE-2026-42090

Notesnook is a note-taking app focused on user privacy & ease of use. Prior to Notesnook Web/Desktop version 3.3.15 and prior to Notesnook iOS/Android version 3.3.20, a stored XSS vulnerability in the note export flow can be escalated to remote code execution in the desktop app. The root cause is...

WordPress MPG Plugin <= 3.3.19 is vulnerable to SQL Injection

Software MPG Type Plugin Vulnerable versions = 3.3.19 Fixed in 3.3.20 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-33927 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID ad0baec3bee8 Credits LEE SE HYOUNG hackintoanetwork Required privilege...