VYPR

Use Any Font | Custom Font Uploader

by WordPress

CVEs (1)

  • CVE-2021-24977MedFeb 28, 2022
    risk 0.40cvss 6.1epss 0.01

    The Use Any Font | Custom Font Uploader WordPress plugin before 6.2.1 does not have any authorisation checks when assigning a font, allowing unauthenticated users to sent arbitrary CSS which will then be processed by the frontend for all users. Due to the lack of sanitisation…