VYPR

Page Post Notes

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-23715HigJan 16, 2025
    risk 0.46cvss 7.1epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in RaymondDesign Post & Page Notes post-page-notes allows Stored XSS.This issue affects Post & Page Notes: from n/a through <= 0.1.1.

  • CVE-2025-12527MedNov 7, 2025
    risk 0.28cvss 4.3epss 0.00

    The Page & Post Notes plugin for WordPress is vulnerable to unauthorized modification of notes due to a missing capability check on the 'yydev_notes_save_dashboard_data' function in all versions up to, and including, 1.3.4. This makes it possible for authenticated attackers,…