Vulnerabilities > CVE-2022-27851 - Unspecified vulnerability in Dineshkarki USE ANY Font
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
LOW Availability impact
NONE Summary
Cross-Site Request Forgery (CSRF) in Use Any Font (WordPress plugin) <= 6.1.7 allows an attacker to deactivate the API key.
Vulnerable Configurations
References
- https://patchstack.com/database/vulnerability/use-any-font/wordpress-use-any-font-plugin-6-1-7-cross-site-request-forgery-csrf-vulnerability
- https://patchstack.com/database/vulnerability/use-any-font/wordpress-use-any-font-plugin-6-1-7-cross-site-request-forgery-csrf-vulnerability
- https://wordpress.org/plugins/use-any-font/
- https://wordpress.org/plugins/use-any-font/