Dineshkarki Use Any Font — known CVE vulnerabilities
Every CVE whose affected-product data names Dineshkarki Use Any Font, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2021-24977 — CVSS 6.1 (medium): The Use Any Font | Custom Font Uploader WordPress plugin before 6.2.1 does not have any authorisation checks when assigning a font…
CVE-2022-27851 — CVSS 5.4 (medium): Cross-Site Request Forgery (CSRF) in Use Any Font (WordPress plugin) <= 6.1.7 allows an attacker to deactivate the API key.
CVE-2024-47305 — CVSS 4.3 (medium): Cross-Site Request Forgery (CSRF) vulnerability in Dnesscarkey Use Any Font use-any-font allows Cross Site Request Forgery.This issue…