{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2024-001.pdf"
    },
    "title": "Vulnerability in Wordpress Google Fonts Plugin",
    "serial_number": "2024-001",
    "publish_date": "08-01-2024 06:58:33",
    "description": "On January 2, 2024, an unauthenticated Stored Cross-Site Scripting (XSS) and directory deletion vulnerability was discovered in the \"OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy.\" plugin for WordPress. This vulnerability, identified as \"CVE-2023-6600\" (CVSS score of 8.6)[1], may allow unauthenticated attackers to update the plugin's settings and inject malicious scripts into affected sites.<br>\nThis vulnerability could affect sites that have the OMGF plugin installed and configured, which is estimated to be over 300,000 sites.<br>\n",
    "url_title": "2024-001",
    "content_markdown": "--- \ntitle: 'Vulnerability in\u00a0Wordpress Google\u00a0Fonts\u00a0Plugin'\nnumber: '2024-001'\nversion: '1.0'\noriginal_date: 'January 2, 2024'\ndate: 'January 3, 2024'\n---\n\n_History:_\n\n* _03/01/2024 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn January 2, 2024, an unauthenticated Stored Cross-Site Scripting (XSS) and directory deletion vulnerability was discovered in the \"_OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy._\" plugin for WordPress. This vulnerability, identified as `CVE-2023-6600` (CVSS score of 8.6)[1], may allow unauthenticated attackers to update the plugin's settings and inject malicious scripts into affected sites [2].\n\nThis vulnerability could affect sites that have the OMGF plugin installed and configured, which is estimated to be over 300,000 sites [3].\n\n# Technical Details\n\nThe OMGF plugin vulnerability occurs due to a missing capability check on the `update_settings()` function hooked via `admin_init`. This allows unauthenticated attackers to modify the plugin's settings, leading to Stored Cross-Site Scripting and directory deletion.\n\n# Affected Products\n\n\"_OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy._\" plugin version 5.7.9 and below.\n\n# Recommendations\n\nTo mitigate this vulnerability, users should update the vulnerable plugin to at least version 5.7.10 as it contains the necessary fixes.\n\nUsers are also advised to monitor their WordPress sites for any signs of unauthorised changes, such as injected scripts or deleted directories.\n\n# References\n\n[1] <https://nvd.nist.gov/vuln/detail/CVE-2023-6600>\n\n[2] <https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/host-webfonts-local/omgf-gdprdsgvo-compliant-faster-google-fonts-easy-579-missing-authorization-to-unauthenticated-directory-deletion-and-cross-site-scripting>\n\n[3] <https://wordpress.org/plugins/host-webfonts-local/#description>\n",
    "content_html": "<p><em>History:</em></p><ul><li><em>03/01/2024 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On January 2, 2024, an unauthenticated Stored Cross-Site Scripting (XSS) and directory deletion vulnerability was discovered in the \"<em>OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy.</em>\" plugin for WordPress. This vulnerability, identified as <code>CVE-2023-6600</code> (CVSS score of 8.6)[1], may allow unauthenticated attackers to update the plugin's settings and inject malicious scripts into affected sites [2].</p><p>This vulnerability could affect sites that have the OMGF plugin installed and configured, which is estimated to be over 300,000 sites [3].</p><h2 id=\"technical-details\">Technical Details</h2><p>The OMGF plugin vulnerability occurs due to a missing capability check on the <code>update_settings()</code> function hooked via <code>admin_init</code>. This allows unauthenticated attackers to modify the plugin's settings, leading to Stored Cross-Site Scripting and directory deletion.</p><h2 id=\"affected-products\">Affected Products</h2><p>\"<em>OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy.</em>\" plugin version 5.7.9 and below.</p><h2 id=\"recommendations\">Recommendations</h2><p>To mitigate this vulnerability, users should update the vulnerable plugin to at least version 5.7.10 as it contains the necessary fixes.</p><p>Users are also advised to monitor their WordPress sites for any signs of unauthorised changes, such as injected scripts or deleted directories.</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://nvd.nist.gov/vuln/detail/CVE-2023-6600\">https://nvd.nist.gov/vuln/detail/CVE-2023-6600</a></p><p>[2] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/host-webfonts-local/omgf-gdprdsgvo-compliant-faster-google-fonts-easy-579-missing-authorization-to-unauthenticated-directory-deletion-and-cross-site-scripting\">https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/host-webfonts-local/omgf-gdprdsgvo-compliant-faster-google-fonts-easy-579-missing-authorization-to-unauthenticated-directory-deletion-and-cross-site-scripting</a></p><p>[3] <a rel=\"noopener\" target=\"_blank\" href=\"https://wordpress.org/plugins/host-webfonts-local/#description\">https://wordpress.org/plugins/host-webfonts-local/#description</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}