CVE-2024-43301
CVE-2024-43301 is a CSRF-to-stored XSS in the Fonts Plugin (olympus-google-fonts) for WordPress, affecting versions up to 3.7.7. RedHat/Wordfence and PT-Security sources confirm the issue and cite an upgrade remedy: upgrade Fonts to 3.7.8 to remediate. The vulnerability stems from CSRF enabling s...