41 matches found
CVE-2024-43301
Cross-Site Request Forgery CSRF vulnerability in Fonts Plugin Fonts allows Stored XSS.This issue affects Fonts: from n/a through 3.7.7...
CVE-2024-43301
Cross-Site Request Forgery CSRF vulnerability in Fonts Plugin Fonts allows Stored XSS.This issue affects Fonts: from n/a through 3.7.7...
CVE-2024-43301
Cross-Site Request Forgery CSRF vulnerability in Fonts Plugin Fonts allows Stored XSS.This issue affects Fonts: from n/a through 3.7.7...
CVE-2024-43301 WordPress Fonts plugin <= 3.7.7 - Cross Site Request Forgery (CSRF) to Stored XSSvulnerability
Cross-Site Request Forgery CSRF vulnerability in Fonts Plugin Fonts allows Stored XSS.This issue affects Fonts: from n/a through 3.7.7...
CVE-2024-43301
CVE-2024-43301 is a CSRF-to-stored XSS in the Fonts Plugin (olympus-google-fonts) for WordPress, affecting versions up to 3.7.7. RedHat/Wordfence and PT-Security sources confirm the issue and cite an upgrade remedy: upgrade Fonts to 3.7.8 to remediate. The vulnerability stems from CSRF enabling s...
CVE-2024-43301 WordPress Fonts plugin <= 3.7.7 - Cross Site Request Forgery (CSRF) to Stored XSSvulnerability
Cross-Site Request Forgery CSRF vulnerability in Fonts Plugin Fonts allows Stored XSS.This issue affects Fonts: from n/a through 3.7.7...
WordPress plugin Fonts 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...
PT-2024-30468 · Unknown · Fonts Plugin Fonts
Name of the Vulnerable Software and Affected Versions: Fonts Plugin Fonts versions n/a through 3.7.7 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability in the Fonts Plugin Fonts, which allows Stored XSS. This means an attacker can trick a user into performing unintended...
WordPress Fonts plugin <= 3.7.7 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Fonts versions = 3.7.7...
WordPress Fonts plugin <= 3.7.7 - Cross Site Request Forgery (CSRF) to Stored XSSvulnerability
Cross Site Request Forgery CSRF to Stored XSSvulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Fonts versions = 3.7.7...
WordPress Fonts Plugin <= 3.7.7 is vulnerable to Cross Site Request Forgery (CSRF)
Software Fonts Type Plugin Vulnerable versions = 3.7.7 Fixed in 3.7.8 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-43301 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 27e6a6b5f399 Credits Rafie Muhammad Patchstack...
WordPress Fonts Plugin <= 3.7.7 is vulnerable to Broken Access Control
Software Fonts Type Plugin Vulnerable versions = 3.7.7 Fixed in 3.7.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43302 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 28935a5c542e Credits Rafie Muhammad Patchstack Required...
CVE-2023-7167
The Persian Fonts WordPress plugin through 1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2023-27436
Cross-Site Request Forgery CSRF vulnerability in Louis Reingold Elegant Custom Fonts plugin = 1.0 versions...
CVE-2023-44470
CVE-2023-44470 describes a Cross-Site Request Forgery (CSRF) vulnerability in the Kv TinyMCE Editor Add Fonts plugin for WordPress, affecting versions
CVE-2023-35779
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Seed Webs Seed Fonts plugin = 2.3.1 versions...
CVE-2023-35779 WordPress Seed Fonts Plugin 2.3.1 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Seed Webs Seed Fonts plugin = 2.3.1 versions...
CVE-2023-35779 WordPress Seed Fonts Plugin 2.3.1 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Seed Webs Seed Fonts plugin = 2.3.1 versions...
WordPress Seed Fonts Plugin 2.3.1 is vulnerable to Cross Site Scripting (XSS)
Software Seed Fonts Type Plugin Vulnerable versions 2.3.1 Fixed in 2.4.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-35779 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID d26dff3fd41d Credits yuyudhn Required privilege...
WordPress Elegant Custom Fonts Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software Elegant Custom Fonts Type Plugin Vulnerable versions = 1.0 Fixed in 1.0.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-27436 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID e6a5548377b4 Credits Rio Darmawan...