Lucene search
+L

84 matches found

NVD
NVD
added 2026/07/02 10:16 a.m.9 views

CVE-2026-13251

The Perfmatters plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.6.4 via the 's' parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information...

7.5CVSS0.0082EPSS
Exploits0References3
CVE
CVE
added 2026/07/02 9:32 a.m.17 views

CVE-2026-13251

The CVE-2026-13251 entry concerns the WordPress Perfmatters plugin (

7.5CVSS5.9AI score0.0082EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/08 6:43 a.m.26 views

CVE-2026-3535 DSGVO Google Web Fonts GDPR <= 1.1 - Unauthenticated Arbitrary File Upload via 'fonturl' Parameter

The DSGVO Google Web Fonts GDPR plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the DSGVOGWPdownloadGoogleFonts function in all versions up to, and including, 1.1. The function is exposed via a wpajaxnopriv hook, requiring no authentication. It...

9.8CVSS0.0092EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-11847

Malware in sbrugna...

6.1CVSS6.2AI score0.00861EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-11549

Malware in sbrugna...

5.4CVSS5.6AI score0.00624EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-11933

Malware in sbrugna...

4.9CVSS5AI score0.01021EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-38280

Malicious code in bioql PyPI...

7.1CVSS7.1AI score0.00371EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-24433

Malicious code in bioql PyPI...

7.1CVSS9.1AI score0.00187EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-34506

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.00337EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-58106

Malicious code in bioql PyPI...

8.8CVSS9.1AI score0.00214EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:58 a.m.9 views

CVE-2024-33925

Missing Authorization vulnerability in Adrian Mörchen Embed Google Fonts.This issue affects Embed Google Fonts: from n/a through 3.1.0...

4.3CVSS5.2AI score0.00337EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:7 a.m.8 views

CVE-2023-5823

Cross-Site Request Forgery CSRF vulnerability in ThemeKraft TK Google Fonts GDPR Compliant plugin = 2.2.11 versions...

8.8CVSS7.1AI score0.00214EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 7:24 p.m.7 views

CVE-2021-24935

The WP Google Fonts WordPress plugin before 3.1.5 does not escape the googlefontajaxname and googlefontajaxfamily parameter of the googlefontaction AJAx action available to any authenticated user before outputing them in attributes, leading Reflected Cross-Site Scripting issues...

6.1CVSS6.1AI score0.00861EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:23 p.m.4 views

CVE-2021-24637

The Google Fonts Typography WordPress plugin before 3.0.3 does not escape and sanitise some of its block settings, allowing users with as role as low as Contributor to perform Stored Cross-Site Scripting attacks via blockType combined with content, align, color, variant and fontID argument of a...

5.4CVSS6AI score0.00624EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/02/05 3:57 a.m.6 views

CVE-2024-27194

Cross-Site Request Forgery CSRF vulnerability in Andrei Ivasiuc Fontific | Google Fonts allows Stored XSS.This issue affects Fontific | Google Fonts: from n/a through 0.1.6...

7.1CVSS8.6AI score0.00187EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/02/03 4:53 p.m.5 views

Malicious code in google-fonts-to-wordpress-collection (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2025/02/03 4:53 p.m.3 views

MAL-2025-834 Malicious code in google-fonts-to-wordpress-collection (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
WPVulnDB
WPVulnDB
added 2024/05/07 12:0 a.m.22 views

Embed Google Fonts <= 3.1.0 - Missing Authorization

Description The Embed Google Fonts plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 3.1.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an...

4.3CVSS6.5AI score0.00337EPSS
Exploits0References1
NVD
NVD
added 2024/05/03 9:15 a.m.29 views

CVE-2024-33925

Missing Authorization vulnerability in Adrian Mörchen Embed Google Fonts.This issue affects Embed Google Fonts: from n/a through 3.1.0...

4.3CVSS5.1AI score0.00337EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/03 8:22 a.m.33 views

CVE-2024-33925 WordPress Embed Google Fonts plugin <= 3.1.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Adrian Mörchen Embed Google Fonts.This issue affects Embed Google Fonts: from n/a through 3.1.0...

4.3CVSS5.3AI score0.00337EPSS
Exploits0References1
Rows per page
Query Builder