CVE-2026-8610

The TypeSquare Webfonts for ConoHa plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.0.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

CVE-2026-8610

The TypeSquare Webfonts for ConoHa plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.0.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

EUVD-2026-31029

The TypeSquare Webfonts for ConoHa plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.0.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

CVE-2026-8610

The TypeSquare Webfonts for ConoHa plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.0.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

CVE-2026-8610 TypeSquare Webfonts for ConoHa <= 2.0.4 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Modification via 'fontThemeUseType' Parameter

The TypeSquare Webfonts for ConoHa plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.0.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

WordPress plugin TypeSquare Webfonts for ConoHa 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

WordPress TypeSquare Webfonts for ConoHa plugin <= 2.0.4 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Modification vulnerability

Missing Authorization to Authenticated Subscriber+ Plugin Settings Modification vulnerability discovered by ? in WordPress Plugin TypeSquare Webfonts for ConoHa versions = 2.0.4...

CVE-2025-52835

Cross-Site Request Forgery CSRF vulnerability in ConoHa by GMO WING WordPress Migrator wing-migrator allows Upload a Web Shell to a Web Server.This issue affects WING WordPress Migrator: from n/a through = 1.2.0...

CVE-2025-52835

Cross-Site Request Forgery CSRF vulnerability in ConoHa by GMO WING WordPress Migrator wing-migrator allows Upload a Web Shell to a Web Server.This issue affects WING WordPress Migrator: from n/a through = 1.2.0...

EUVD-2025-205805

Cross-Site Request Forgery CSRF vulnerability in ConoHa by GMO WING WordPress Migrator allows Upload a Web Shell to a Web Server.This issue affects WING WordPress Migrator: from n/a through 1.1.9...

PT-2025-54199

Name of the Vulnerable Software and Affected Versions ConoHa by GMO WING WordPress Migrator versions through 1.1.9 Description A Cross-Site Request Forgery CSRF issue exists in ConoHa by GMO WING WordPress Migrator. This allows for the upload of a web shell to a web server. Exploitation requires ...

EUVD-2023-29413

Malicious code in bioql PyPI...

CVE-2023-25458

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in GMO Internet Group, Inc. TypeSquare Webfonts for ConoHa plugin = 2.0.3 versions...

CVE-2023-25458

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in GMO Internet Group, Inc. TypeSquare Webfonts for ConoHa plugin = 2.0.3 versions...

CVE-2023-25458

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in GMO Internet Group, Inc. TypeSquare Webfonts for ConoHa plugin = 2.0.3 versions...

CVE-2023-25458 WordPress TypeSquare Webfonts for ConoHa Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in GMO Internet Group, Inc. TypeSquare Webfonts for ConoHa plugin = 2.0.3 versions...

CVE-2023-25458

CVE-2023-25458 corresponds to the WordPress plugin TypeSquare Webfonts for ConoHa (≤ 2.0.3). The root cause is insufficient sanitization/escaping of input parameters, allowing an authenticated attacker with Admin+ privileges to perform a Stored Cross-Site Scripting (XSS). The attack is described ...

WordPress plugin TypeSquare Webfonts for ConoHa 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

TypeSquare Webfonts for ConoHa < 2.0.4 - Admin+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress TypeSquare Webfonts for ConoHa Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)

Software TypeSquare Webfonts for ConoHa Type Plugin Vulnerable versions = 2.0.3 Fixed in 2.0.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25458 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 18a36f275598 Credits Abdi...