Lucene search
China National Vulnerability DatabaseCNVD-2022-19804HistoryMar 02, 2022 - 12:00 a.m.
WordPress Custom Font Uploader plugin跨站脚本漏洞
2022-03-0200:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
0.001 Low
EPSS
Percentile
41.2%
WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. cross-site scripting vulnerability exists in versions prior to WordPress Custom Font Uploader plugin 6.2.1, which stems from the lack of cleanup and escaping of submitted data on the back end. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress custom font uploader plugin | lt | 6.2.1 |
Related
patchstack
patchstack
prion
prion
Cross site scripting
2022-02-28 09:15:00
nvd
nvd
CVE-2021-24977
2022-02-28 09:15:08
cve
cve
CVE-2021-24977
2022-02-28 09:15:08
wpexploit
wpexploit
Use Any Font < 6.2.1 - Unauthenticated Arbitrary CSS Appending
2022-01-31 00:00:00
openvas
openvas
WordPress Use Any Font Plugin < 6.2.1 CSS Vulnerability
2022-03-14 00:00:00
wpvulndb
wpvulndb
Use Any Font < 6.2.1 - Unauthenticated Arbitrary CSS Appending
2022-01-31 00:00:00
cvelist
cvelist