RSS   Vulnerabilities for 'Wp google fonts'   RSS

2021-12-06
 
CVE-2021-24935

CWE-79
 

 
The WP Google Fonts WordPress plugin before 3.1.5 does not escape the googlefont_ajax_name and googlefont_ajax_family parameter of the googlefont_action AJAx action (available to any authenticated user) before outputing them in attributes, leading Reflected Cross-Site Scripting issues

 


Copyright 2024, cxsecurity.com

 

Back to Top