Filtered by vendor Wp-dashboard-notes
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-7198 | 1 Wp-dashboard-notes | 1 Wp Dashboard Notes | 2025-03-24 | 4.3 Medium |
| The WP Dashboard Notes WordPress plugin before 1.0.11 is vulnerable to Insecure Direct Object References (IDOR) in post_id= parameter. Authenticated users are able to delete private notes associated with different user accounts. This poses a significant security risk as it violates the principle of least privilege and compromises the integrity and privacy of user data. | ||||
Page 1 of 1.