Lucene search
+L

41 matches found

OSV
OSV
added 2024/08/26 9:15 p.m.4 views

CVE-2024-43301

Cross-Site Request Forgery CSRF vulnerability in Fonts Plugin Fonts allows Stored XSS.This issue affects Fonts: from n/a through 3.7.7...

5.4CVSS5.8AI score0.00152EPSS
Exploits0References1
NVD
NVD
added 2024/08/26 9:15 p.m.16 views

CVE-2024-43301

Cross-Site Request Forgery CSRF vulnerability in Fonts Plugin Fonts allows Stored XSS.This issue affects Fonts: from n/a through 3.7.7...

7.1CVSS0.00152EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/08/26 9:15 p.m.7 views

CVE-2024-43301

Cross-Site Request Forgery CSRF vulnerability in Fonts Plugin Fonts allows Stored XSS.This issue affects Fonts: from n/a through 3.7.7...

7.1CVSS5.2AI score0.00152EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/26 8:38 p.m.15 views

CVE-2024-43301 WordPress Fonts plugin <= 3.7.7 - Cross Site Request Forgery (CSRF) to Stored XSSvulnerability

Cross-Site Request Forgery CSRF vulnerability in Fonts Plugin Fonts allows Stored XSS.This issue affects Fonts: from n/a through 3.7.7...

7.1CVSS6.8AI score0.00152EPSS
Exploits0References1
CVE
CVE
added 2024/08/26 8:38 p.m.56 views

CVE-2024-43301

CVE-2024-43301 is a CSRF-to-stored XSS in the Fonts Plugin (olympus-google-fonts) for WordPress, affecting versions up to 3.7.7. RedHat/Wordfence and PT-Security sources confirm the issue and cite an upgrade remedy: upgrade Fonts to 3.7.8 to remediate. The vulnerability stems from CSRF enabling s...

7.1CVSS6.8AI score0.00152EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/08/26 8:38 p.m.23 views

CVE-2024-43301 WordPress Fonts plugin <= 3.7.7 - Cross Site Request Forgery (CSRF) to Stored XSSvulnerability

Cross-Site Request Forgery CSRF vulnerability in Fonts Plugin Fonts allows Stored XSS.This issue affects Fonts: from n/a through 3.7.7...

7.1CVSS0.00152EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/26 12:0 a.m.4 views

WordPress plugin Fonts 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...

7.1CVSS6.5AI score0.00152EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/08/26 12:0 a.m.7 views

PT-2024-30468 · Unknown · Fonts Plugin Fonts

Name of the Vulnerable Software and Affected Versions: Fonts Plugin Fonts versions n/a through 3.7.7 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability in the Fonts Plugin Fonts, which allows Stored XSS. This means an attacker can trick a user into performing unintended...

7.1CVSS6.8AI score0.00152EPSS
Exploits0References8
Patchstack
Patchstack
added 2024/08/16 11:45 a.m.6 views

WordPress Fonts plugin <= 3.7.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Fonts versions = 3.7.7...

8.8CVSS7AI score0.00414EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/08/16 11:44 a.m.15 views

WordPress Fonts plugin <= 3.7.7 - Cross Site Request Forgery (CSRF) to Stored XSSvulnerability

Cross Site Request Forgery CSRF to Stored XSSvulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Fonts versions = 3.7.7...

7.1CVSS6.7AI score0.00152EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/08/16 12:0 a.m.12 views

WordPress Fonts Plugin <= 3.7.7 is vulnerable to Cross Site Request Forgery (CSRF)

Software Fonts Type Plugin Vulnerable versions = 3.7.7 Fixed in 3.7.8 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-43301 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 27e6a6b5f399 Credits Rafie Muhammad Patchstack...

7.1CVSS6.7AI score0.00152EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/08/16 12:0 a.m.10 views

WordPress Fonts Plugin <= 3.7.7 is vulnerable to Broken Access Control

Software Fonts Type Plugin Vulnerable versions = 3.7.7 Fixed in 3.7.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43302 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 28935a5c542e Credits Rafie Muhammad Patchstack Required...

8.8CVSS6.3AI score0.00414EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/02/27 9:15 a.m.8 views

CVE-2023-7167

The Persian Fonts WordPress plugin through 1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

6.1CVSS7.3AI score0.00396EPSS
Exploits2References1
OSV
OSV
added 2023/11/13 12:15 a.m.2 views

CVE-2023-27436

Cross-Site Request Forgery CSRF vulnerability in Louis Reingold Elegant Custom Fonts plugin = 1.0 versions...

8.8CVSS7.3AI score0.00301EPSS
Exploits0References1
CVE
CVE
added 2023/10/10 1:59 p.m.56 views

CVE-2023-44470

CVE-2023-44470 describes a Cross-Site Request Forgery (CSRF) vulnerability in the Kv TinyMCE Editor Add Fonts plugin for WordPress, affecting versions

8.8CVSS7AI score0.00221EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/06/19 2:15 p.m.6 views

CVE-2023-35779

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Seed Webs Seed Fonts plugin = 2.3.1 versions...

4.8CVSS7.3AI score0.00369EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/19 1:21 p.m.12 views

CVE-2023-35779 WordPress Seed Fonts Plugin 2.3.1 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Seed Webs Seed Fonts plugin = 2.3.1 versions...

5.9CVSS5.6AI score0.00369EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/19 1:21 p.m.23 views

CVE-2023-35779 WordPress Seed Fonts Plugin 2.3.1 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Seed Webs Seed Fonts plugin = 2.3.1 versions...

5.9CVSS5.5AI score0.00369EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/06/16 12:0 a.m.9 views

WordPress Seed Fonts Plugin 2.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Seed Fonts Type Plugin Vulnerable versions 2.3.1 Fixed in 2.4.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-35779 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID d26dff3fd41d Credits yuyudhn Required privilege...

5.9CVSS5.7AI score0.00369EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/03/03 12:0 a.m.10 views

WordPress Elegant Custom Fonts Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Elegant Custom Fonts Type Plugin Vulnerable versions = 1.0 Fixed in 1.0.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-27436 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID e6a5548377b4 Credits Rio Darmawan...

8.8CVSS6.6AI score0.00301EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder