CVE-2023-6633

Name of the Vulnerable Software and Affected Versions The Site Notes WordPress plugin versions prior to 2.1

Description The issue concerns a lack of CSRF checks in some functionalities of the plugin, which could allow attackers to make logged-in users perform unwanted actions, such as deleting administration notes, via CSRF attacks.

Recommendations For versions prior to 2.1, update to version 2.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin's functionalities to minimize the risk of exploitation.