Vulnerabilities > USE ANY Font Project

DATE CVE VULNERABILITY TITLE RISK
2022-02-28 CVE-2021-24977 Missing Authorization vulnerability in USE ANY Font Project USE ANY Font
The Use Any Font | Custom Font Uploader WordPress plugin before 6.2.1 does not have any authorisation checks when assigning a font, allowing unauthenticated users to sent arbitrary CSS which will then be processed by the frontend for all users.
network
low complexity
use-any-font-project CWE-862
6.1