Hello, i would like to point out that the following CVE:
https://security-tracker.debian.org/tracker/CVE-2026-3906 is currently marked as: > NOT-FOR-US: WordPress plugin But actually this CVE seems to be about WordPress itself: > An authorization bypass on the Notes feature > > https://wordpress.org/news/2026/03/wordpress-6-9-2-release/ Regards, Christian Fischer -- Christian Fischer | PGP Key: 0x54F3CE5B76C597AD Greenbone AG, Neumarkt 12, 49074 Osnabrück, Germany https://www.greenbone.net Commercial Register: Amtsgericht Osnabrück, HRB 218768 Executive Board: Elmar Geese Chairman of the Supervisory Board: Lukas Grunwald
