Medium severity6.5OSV Advisory· Published May 21, 2018· Updated Jun 17, 2026

CVE-2018-11092

Description

An issue was discovered in the Admin Notes plugin 1.1 for MyBB. CSRF allows an attacker to remotely delete all admin notes via an admin/index.php?empty=table (aka Clear Table) action.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Vintagedaddyo/Mybb Plugin AdminnotesOSV
MyBB/Admin Notesllm-create
Range: =1.1

Patches

Vulnerability mechanics

References

github.com/vintagedaddyo/MyBB_Plugin-adminnotes/commit/3deae701cdd89753cb6688302aee5b93a72bc58bnvdPatchThird Party Advisory
www.exploit-db.com/exploits/44624/nvdExploitThird Party AdvisoryVDB Entry
community.mybb.com/mods.phpnvdRelease NotesThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000