3 matches found
CVE-2023-6600
The OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy. plugin for WordPress is vulnerable to unauthorized modification of data and Stored Cross-Site Scripting due to a missing capability check on the updatesettings function hooked via admininit in all versions up to, and including, 5.7.9. Th...
CVE-2023-6600
CVE-2023-6600 affects the OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy. WordPress plugin (versions up to 5.7.9). The vulnerability stems from a missing capability check in update_settings() hooked via admin_init, enabling unauthenticated modification of the plugin’s settings, which can ...
WordPress OMGF | Host Google Fonts Locally Plugin <= 5.7.9 is vulnerable to Broken Access Control
Software OMGF | Host Google Fonts Locally Type Plugin Vulnerable versions = 5.7.9 Fixed in 5.7.10 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-6600 Patch priority High CVSS severity High 8.6 Developer Claim ownership PSID f1d5094ff494 Credits Lucio Sá...