Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
datainterlock note press vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-18548
The note-press plugin prior to 0.1.2 for WordPress has SQL injection.
Datainterlock Note Press
2.7
CVSSv3
CVE-2022-1688
The Note Press WordPress plugin up to and including 0.1.10 does not sanitise and escape the id parameter before using it in various SQL statement via the admin dashboard, leading to SQL Injections
Datainterlock Note Press
2.7
CVSSv3
CVE-2022-1689
The Note Press WordPress plugin up to and including 0.1.10 does not sanitise and escape the Update parameter before using it in a SQL statement when updating a note via the admin dashboard, leading to an SQL injection
Datainterlock Note Press
2.7
CVSSv3
CVE-2022-1690
The Note Press WordPress plugin up to and including 0.1.10 does not sanitise and escape the ids from the bulk actions before using them in a SQL statement in an admin page, leading to an SQL injection
Datainterlock Note Press
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started