Vulnerabilities > Dineshkarki > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-08-29 CVE-2024-43947 Cross-Site Request Forgery (CSRF) vulnerability in Dineshkarki WP Armour Extended
Cross-Site Request Forgery (CSRF) vulnerability in Dinesh Karki WP Armour Extended.This issue affects WP Armour Extended: from n/a through 1.26.
network
low complexity
dineshkarki CWE-352
4.3
4.3
2024-08-29 CVE-2024-43948 Cross-site Scripting vulnerability in Dineshkarki WP Armour
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dinesh Karki WP Armour Extended.This issue affects WP Armour Extended: from n/a through 1.26.
network
low complexity
dineshkarki CWE-79
6.1
6.1
2022-04-15 CVE-2022-27851 Unspecified vulnerability in Dineshkarki USE ANY Font
Cross-Site Request Forgery (CSRF) in Use Any Font (WordPress plugin) <= 6.1.7 allows an attacker to deactivate the API key.
network
low complexity
dineshkarki
4.3
4.3