Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Note_press
(Datainterlock)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-06-08 | CVE-2022-1689 | The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the Update parameter before using it in a SQL statement when updating a note via the admin dashboard, leading to an SQL injection | Note_press | 2.7 | ||
| 2022-06-08 | CVE-2022-1688 | The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the id parameter before using it in various SQL statement via the admin dashboard, leading to SQL Injections | Note_press | 2.7 | ||
| 2022-06-08 | CVE-2022-1690 | The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the ids from the bulk actions before using them in a SQL statement in an admin page, leading to an SQL injection | Note_press | 2.7 | ||
| 2019-08-16 | CVE-2017-18548 | The note-press plugin before 0.1.2 for WordPress has SQL injection. | Note_press | 9.8 |