CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-33942 – WordPress Google Typography plugin <= 1.1.2 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2024-33942
Missing Authorization vulnerability in Eric Alli Google Typography.This issue affects Google Typography: from n/a through 1.1.2. Vulnerabilidad de autorización faltante en Eric Alli Google Typography. Este problema afecta a Google Typography: desde n/a hasta 1.1.2. The Google Typography plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.1.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an unauthorized action. • https://patchstack.com/database/vulnerability/google-typography/wordpress-google-typography-plugin-1-1-2-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4060
https://notcve.org/view.php?id=CVE-2024-4060
Use after free in Dawn in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El use after free en Dawn en Google Chrome anterior a 124.0.6367.78 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html https://issues.chromium.org/issues/333420620 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN • CWE-416: Use After Free •
CVSS: -EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4059
https://notcve.org/view.php?id=CVE-2024-4059
Out of bounds read in V8 API in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to leak cross-site data via a crafted HTML page. (Chromium security severity: High) La lectura fuera de los límites en la API V8 en Google Chrome anterior a 124.0.6367.78 permitió a un atacante remoto filtrar datos entre sitios a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html https://issues.chromium.org/issues/333182464 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-4058
https://notcve.org/view.php?id=CVE-2024-4058
Type confusion in ANGLE in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) La confusión de tipos en ANGLE en Google Chrome anterior a 124.0.6367.78 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chromium: crítica) • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html https://issues.chromium.org/issues/332546345 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-33925 – WordPress Embed Google Fonts plugin <= 3.1.0 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2024-33925
Missing Authorization vulnerability in Adrian Mörchen Embed Google Fonts.This issue affects Embed Google Fonts: from n/a through 3.1.0. Vulnerabilidad de autorización faltante en Adrian Mörchen Embed Google Fonts. Este problema afecta a Embed Google Fonts: desde n/a hasta 3.1.0. The Embed Google Fonts plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 3.1.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an unauthorized action. • https://patchstack.com/database/vulnerability/embed-google-fonts/wordpress-embed-google-fonts-plugin-3-1-0-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •