73 matches found
WordPress TypeSquare Webfonts Plugin <= 2.0.7 is vulnerable to Broken Access Control
Software TypeSquare Webfonts Type Plugin Vulnerable versions = 2.0.7 Fixed in 2.0.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43120 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID d4d917faff73 Credits Rafie Muhammad Patchstack...
TS Webfonts for さくらのレンタルサーバ < 3.1.3 - Font Settings Change via CSRF
Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
TS Webfonts for さくらのレンタルサーバ < 3.1.1 - Admin+ Stored Cross-Site Scripting
Description The plugin does not sanitise and escape some parameters, which could allow users with a role of Admin to perform Cross-Site Scripting attacks, for example on multisite instances...
CVE-2023-34169
A vulnerability in sakurainternet TS Webfonts for さくらのレンタルサーバ ts-webfonts-for-sakura.This issue affects TS Webfonts for さくらのレンタルサーバ: from n/a through = 3.1.2...
CVE-2023-34169
Cross-Site Request Forgery CSRF vulnerability in SAKURA Internet Inc. TS Webfonts for さくらのレンタルサーバ plugin = 3.1.2 versions...
CVE-2023-34169
Cross-Site Request Forgery CSRF vulnerability in SAKURA Internet Inc. TS Webfonts for さくらのレンタルサーバ plugin = 3.1.2 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in SAKURA Internet Inc. TS Webfonts for ??????????? plugin = 3.1.2 versions...
CVE-2023-34169 WordPress TS Webfonts for さくらのレンタルサーバ plugin <= 3.1.2 - Cross Site Request Forgery (CSRF) vulnerability
A vulnerability in sakurainternet TS Webfonts for さくらのレンタルサーバ ts-webfonts-for-sakura.This issue affects TS Webfonts for さくらのレンタルサーバ: from n/a through = 3.1.2...
CVE-2023-34169
CVE-2023-34169: CSRF vulnerability in TS Webfonts for さくらのレンタルサーバ WordPress plugin, affected versions
CVE-2023-34169 WordPress TS Webfonts for さくらのレンタルサーバ Plugin <= 3.1.2 is vulnerable to Broken Access Control
Cross-Site Request Forgery CSRF vulnerability in SAKURA Internet Inc. TS Webfonts for さくらのレンタルサーバ plugin = 3.1.2 versions...
WordPress Plugin TS Webfonts for さくらのレンタルサーバ Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. WordPress Plugin TS Webfon...
PT-2023-24707 · Sakura Internet Inc. · Ts Webfonts For さくらのレンタルサーバ
Name of the Vulnerable Software and Affected Versions: SAKURA Internet Inc. TS Webfonts for さくらのレンタルサーバ plugin versions = 3.1.2 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing...
CVE-2023-32625
Cross-site request forgery CSRF vulnerability in TS Webfonts for SAKURA 3.1.2 and earlier allows a remote unauthenticated attacker to hijack the authentication of a user and to change settings by having a user view a malicious page...
CVE-2023-32624
Cross-site scripting vulnerability in TS Webfonts for SAKURA 3.1.0 and earlier allows a remote unauthenticated attacker to inject an arbitrary script...
CVE-2023-32625
Cross-site request forgery CSRF vulnerability in TS Webfonts for SAKURA 3.1.2 and earlier allows a remote unauthenticated attacker to hijack the authentication of a user and to change settings by having a user view a malicious page...
CVE-2023-32624
Cross-site scripting vulnerability in TS Webfonts for SAKURA 3.1.0 and earlier allows a remote unauthenticated attacker to inject an arbitrary script...
Cross site scripting
Cross-site scripting vulnerability in TS Webfonts for SAKURA 3.1.0 and earlier allows a remote unauthenticated attacker to inject an arbitrary script...
CVE-2023-32625
The CVE-2023-32625 issue affects TS Webfonts for SAKURA (WordPress plugin) versions 3.1.2 and earlier. The root cause is insufficient CSRF protections in the plugin, enabling a remote attacker to trigger unauthorized actions when an administrator views a malicious page, effectively enabling setti...
CVE-2023-32624
CVE-2023-32624 is a Cross-site scripting vulnerability in the WordPress plugin TS Webfonts for SAKURA. Affected are TS Webfonts for SAKURA versions 3.1.0 and earlier; the issue allows a remote unauthenticated attacker to inject arbitrary script into a user’s browser. JVN documentation lists a fix...
CVE-2023-32624
Cross-site scripting vulnerability in TS Webfonts for SAKURA 3.1.0 and earlier allows a remote unauthenticated attacker to inject an arbitrary script...