Lucene search
PatchstackCVELIST:CVE-2024-27194HistoryMar 16, 2024 - 1:22 a.m.
CVE-2024-27194 WordPress Fontific plugin <= 0.1.6 - CSRF to XSS vulnerability
2024-03-1601:22:52
CWE-352
Patchstack
www.cve.org
cve-2024-27194
wordpress
csrf
xss
fontific plugin
google fonts
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
0.0004 Low
EPSS
Percentile
9.1%
Cross-Site Request Forgery (CSRF) vulnerability in Andrei Ivasiuc Fontific | Google Fonts allows Stored XSS.This issue affects Fontific | Google Fonts: from n/a through 0.1.6.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "fontific",
"product": "Fontific | Google Fonts",
"vendor": "Andrei Ivasiuc",
"versions": [
{
"lessThanOrEqual": "0.1.6",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2024-27194
2024-03-16 02:15:08
nvd
nvd
CVE-2024-27194
2024-03-16 02:15:08
wpvulndb
wpvulndb
wordfence
wordfence
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
0.0004 Low
EPSS
Percentile
9.1%
Related for CVELIST:CVE-2024-27194