CVE-2025-12527 | Page & Post Notes Plugin up to 1.3.4 on WordPress yydev_notes_save_dashboard_data authorization

Inserito da Angelo Barbosa | Nov 6, 2025 | CVE

A vulnerability, which was classified as critical, has been found in Page & Post Notes Plugin up to 1.3.4 on WordPress. This affects the function yydev_notes_save_dashboard_data. This manipulation causes missing authorization.

This vulnerability is registered as CVE-2025-12527. Remote exploitation of the attack is possible. No exploit is available.

CVE-2025-12527 | Page & Post Notes Plugin up to 1.3.4 on WordPress yydev_notes_save_dashboard_data authorization

Post correlati

CVE-2024-12117 | Stackable Plugin up to 3.13.11 on WordPress Gutenberg Block cross site scripting

CVE-2024-26764 | Linux Kernel up to 6.7.6 aio kiocb_set_cancel_fn Privilege Escalation

CVE-2023-6301 | SourceCodester Best Courier Management System 1.0 GET Parameter parcel_list.php id cross site scripting

CVE-2024-24863 | Linux Kernel up to 6.9-rc1 malidp_mw_connector_reset null pointer dereference