CVE-2026-1800
The CVE-2026-1800 entry concerns The Fonts Manager | Custom Fonts plugin for WordPress. A time-based SQL Injection affects all versions up to 1.2 via the fmcfIdSelectedFnt parameter, caused by insufficient escaping of user input and lack of proper SQL query preparation. This allows unauthenticate...