Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-32625: Multiple vulnerabilities in WordPress Plugin "TS Webfonts for SAKURA"

Cross-site request forgery (CSRF) vulnerability in TS Webfonts for SAKURA 3.1.2 and earlier allows a remote unauthenticated attacker to hijack the authentication of a user and to change settings by having a user view a malicious page.

CVE
#xss#csrf#vulnerability#web#wordpress#auth

Published:2023/07/20 Last Updated:2023/07/20

Overview

WordPress Plugin “TS Webfonts for SAKURA” provided by SAKURA internet Inc. contains multiple vulnerabilities.

Products Affected

CVE-2023-32624

  • TS Webfonts for SAKURA 3.1.0 and earlier

CVE-2023-32625

  • TS Webfonts for SAKURA 3.1.2 and earlier

Description

WordPress Plugin “TS Webfonts for SAKURA” provided by SAKURA internet Inc. contains multiple vulnerabilities listed below.

  • Cross-site scripting (CWE-79) - CVE-2023-32624

    CVSS v3

    CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

    Base Score: 6.1

    CVSS v2

    AV:N/AC:H/Au:N/C:N/I:P/A:N

    Base Score: 2.6

  • Cross-site request forgery (CWE-352) - CVE-2023-32625

    CVSS v3

    CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

    Base Score: 4.3

    CVSS v2

    AV:N/AC:H/Au:N/C:N/I:P/A:N

    Base Score: 2.6

Impact

  • An arbitrary script may be executed on the web browser of the user who is logging in to the WordPress using the plugin - CVE-2023-32624
  • If a user with the administrative privilege views a malicious page while logging in to the WordPress using the plugin, settings may be changed without user’s intention - CVE-2023-32625

Solution

Update the plugin
Update the plugin according to the information provided by the developer.
The developer addressed these vulnerabilities in the following versions:

  • CVE-2023-32624:
    • TS Webfonts for SAKURA 3.1.1
  • CVE-2023-32625:
    • TS Webfonts for SAKURA 3.1.3

Vendor Status

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

SAKURA internet Inc. reported these vulnerabilities to IPA to notify users of the solutions through JVN. JPCERT/CC and SAKURA internet Inc. coordinated under the Information Security Early Warning Partnership.

Other Information

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907