2 matches found
WordPress Custom Font Uploader Plugin <= 2.3.4 is vulnerable to Broken Access Control
Software Custom Font Uploader Type Plugin Vulnerable versions = 2.3.4 Fixed in 2.4.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5489 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ec1d5e78e0ec Credits Lucio Sá Required privile...
WordPress Custom Font Uploader plugin <= 2.1.0 - Arbitrary Plugin Installation, Activation and Deactivation vulnerability
Arbitrary Plugin Installation, Activation and Deactivation vulnerability discovered by Mary JJ Jay in WordPress Custom Font Uploader plugin versions = 2.1.0. Solution Deactivate and delete. This plugin has been closed as of March 9, 2022 and is not available for download. This closure is temporar...