2 matches found
CVE-2023-32625
Cross-site request forgery CSRF vulnerability in TS Webfonts for SAKURA 3.1.2 and earlier allows a remote unauthenticated attacker to hijack the authentication of a user and to change settings by having a user view a malicious page...
CVE-2023-32625
The CVE-2023-32625 issue affects TS Webfonts for SAKURA (WordPress plugin) versions 3.1.2 and earlier. The root cause is insufficient CSRF protections in the plugin, enabling a remote attacker to trigger unauthorized actions when an administrator views a malicious page, effectively enabling setti...