Lucene search
+L

73 matches found

patchstack
patchstack
added 2024/08/07 12:0 a.m.11 views

WordPress TypeSquare Webfonts Plugin <= 2.0.7 is vulnerable to Broken Access Control

Software TypeSquare Webfonts Type Plugin Vulnerable versions = 2.0.7 Fixed in 2.0.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43120 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID d4d917faff73 Credits Rafie Muhammad Patchstack...

5.3CVSS6.3AI score0.0038EPSS
Exploits0References2Affected Software1
wpvulndb
wpvulndb
added 2023/11/10 12:0 a.m.11 views

TS Webfonts for さくらのレンタルサーバ < 3.1.3 - Font Settings Change via CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

4.3CVSS6.5AI score0.00251EPSS
Exploits0Affected Software1
wpvulndb
wpvulndb
added 2023/11/10 12:0 a.m.13 views

TS Webfonts for さくらのレンタルサーバ < 3.1.1 - Admin+ Stored Cross-Site Scripting

Description The plugin does not sanitise and escape some parameters, which could allow users with a role of Admin to perform Cross-Site Scripting attacks, for example on multisite instances...

6.1CVSS6.2AI score0.00482EPSS
Exploits0Affected Software1
attackerkb
attackerkb
added 2023/11/09 8:15 p.m.3 views

CVE-2023-34169

A vulnerability in sakurainternet TS Webfonts for さくらのレンタルサーバ ts-webfonts-for-sakura.This issue affects TS Webfonts for さくらのレンタルサーバ: from n/a through = 3.1.2...

8.8CVSS8.5AI score0.00303EPSS
Exploits0References3
osv
osv
added 2023/11/09 8:15 p.m.4 views

CVE-2023-34169

Cross-Site Request Forgery CSRF vulnerability in SAKURA Internet Inc. TS Webfonts for さくらのレンタルサーバ plugin = 3.1.2 versions...

8.8CVSS7.3AI score0.00303EPSS
Exploits0References1
nvd
nvd
added 2023/11/09 8:15 p.m.13 views

CVE-2023-34169

Cross-Site Request Forgery CSRF vulnerability in SAKURA Internet Inc. TS Webfonts for さくらのレンタルサーバ plugin = 3.1.2 versions...

8.8CVSS0.00303EPSS
Exploits0References1
prion
prion
added 2023/11/09 8:15 p.m.19 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in SAKURA Internet Inc. TS Webfonts for ??????????? plugin = 3.1.2 versions...

6.8CVSS7.3AI score0.00303EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2023/11/09 7:27 p.m.17 views

CVE-2023-34169 WordPress TS Webfonts for さくらのレンタルサーバ plugin <= 3.1.2 - Cross Site Request Forgery (CSRF) vulnerability

A vulnerability in sakurainternet TS Webfonts for さくらのレンタルサーバ ts-webfonts-for-sakura.This issue affects TS Webfonts for さくらのレンタルサーバ: from n/a through = 3.1.2...

6.5CVSS8.5AI score0.00303EPSS
Exploits0References1
cve
cve
added 2023/11/09 7:27 p.m.38 views

CVE-2023-34169

CVE-2023-34169: CSRF vulnerability in TS Webfonts for さくらのレンタルサーバ WordPress plugin, affected versions

8.8CVSS8.9AI score0.00303EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2023/11/09 7:27 p.m.23 views

CVE-2023-34169 WordPress TS Webfonts for さくらのレンタルサーバ Plugin <= 3.1.2 is vulnerable to Broken Access Control

Cross-Site Request Forgery CSRF vulnerability in SAKURA Internet Inc. TS Webfonts for さくらのレンタルサーバ plugin = 3.1.2 versions...

6.5CVSS9AI score0.00303EPSS
Exploits0References1
cnnvd
cnnvd
added 2023/11/09 12:0 a.m.3 views

WordPress Plugin TS Webfonts for さくらのレンタルサーバ Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. WordPress Plugin TS Webfon...

8.8CVSS6.6AI score0.00303EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2023/11/09 12:0 a.m.5 views

PT-2023-24707 · Sakura Internet Inc. · Ts Webfonts For さくらのレンタルサーバ

Name of the Vulnerable Software and Affected Versions: SAKURA Internet Inc. TS Webfonts for さくらのレンタルサーバ plugin versions = 3.1.2 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing...

8.8CVSS8.8AI score0.00303EPSS
Exploits0References3
nvd
nvd
added 2023/07/21 1:15 a.m.19 views

CVE-2023-32625

Cross-site request forgery CSRF vulnerability in TS Webfonts for SAKURA 3.1.2 and earlier allows a remote unauthenticated attacker to hijack the authentication of a user and to change settings by having a user view a malicious page...

4.3CVSS4.9AI score0.00251EPSS
Exploits0References2
nvd
nvd
added 2023/07/21 1:15 a.m.14 views

CVE-2023-32624

Cross-site scripting vulnerability in TS Webfonts for SAKURA 3.1.0 and earlier allows a remote unauthenticated attacker to inject an arbitrary script...

6.1CVSS6.3AI score0.00482EPSS
Exploits0References2
osv
osv
added 2023/07/21 1:15 a.m.4 views

CVE-2023-32625

Cross-site request forgery CSRF vulnerability in TS Webfonts for SAKURA 3.1.2 and earlier allows a remote unauthenticated attacker to hijack the authentication of a user and to change settings by having a user view a malicious page...

4.3CVSS5.8AI score0.00251EPSS
Exploits0References2
osv
osv
added 2023/07/21 1:15 a.m.4 views

CVE-2023-32624

Cross-site scripting vulnerability in TS Webfonts for SAKURA 3.1.0 and earlier allows a remote unauthenticated attacker to inject an arbitrary script...

6.1CVSS5.9AI score0.00482EPSS
Exploits0References2
prion
prion
added 2023/07/21 1:15 a.m.24 views

Cross site scripting

Cross-site scripting vulnerability in TS Webfonts for SAKURA 3.1.0 and earlier allows a remote unauthenticated attacker to inject an arbitrary script...

5.8CVSS6.2AI score0.00482EPSS
Exploits0References2Affected Software1
cve
cve
added 2023/07/21 12:49 a.m.42 views

CVE-2023-32625

The CVE-2023-32625 issue affects TS Webfonts for SAKURA (WordPress plugin) versions 3.1.2 and earlier. The root cause is insufficient CSRF protections in the plugin, enabling a remote attacker to trigger unauthorized actions when an administrator views a malicious page, effectively enabling setti...

4.3CVSS4.9AI score0.00251EPSS
Exploits0References2Affected Software1
cve
cve
added 2023/07/21 12:48 a.m.49 views

CVE-2023-32624

CVE-2023-32624 is a Cross-site scripting vulnerability in the WordPress plugin TS Webfonts for SAKURA. Affected are TS Webfonts for SAKURA versions 3.1.0 and earlier; the issue allows a remote unauthenticated attacker to inject arbitrary script into a user’s browser. JVN documentation lists a fix...

6.1CVSS6.2AI score0.00482EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2023/07/21 12:48 a.m.24 views

CVE-2023-32624

Cross-site scripting vulnerability in TS Webfonts for SAKURA 3.1.0 and earlier allows a remote unauthenticated attacker to inject an arbitrary script...

6.4AI score0.00482EPSS
Exploits0References2
Rows per page
Query Builder