MyBB Admin Notes Plugin 1.1 - Cross-Site Request Forgery

Summary

MyBB is a very good free forum software in the world. Its biggest feature is simple but its function is surprisingly powerful. MyBB's general functions have the following aspects: 1. An unlimited number of members, sections, posts, topics. 2. MySQL Fulltext full-text search (MySQL 4.1+). 3. Multiple copies share a database. 4. Use our intuitive template and theme system to fully personalize. 5. If you wish, you can install a whole bunch of different language packs in your forum. 6. Developed using PHP language, compatible with MySQL, PgSQL, and SQLite v2 and v3 database servers. MyBB Latest Posts On Profile is a MyBB plugin that can be used to display the user's latest post in the user's profile.
the plugin Admin Notes allows administrators to save notes and display them in a list in the ACP. The CSRF allows an attacker to remotely delete all admin notes.

Solution

At present, the manufacturer has not provided a patch or an upgrade procedure. We recommend that users who use this software keep an eye on the vendor's homepage to obtain the latest version:
https://community.mybb.com/mods.php?action=view&pid=1106