CVE-2026-1086
Received Received - Intake
CSRF in Font Pairing Preview Plugin Allows Settings Modification

Publication date: 2026-03-07

Last updated on: 2026-03-07

Assigner: Wordfence

Description
The Font Pairing Preview For Landing Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3. This is due to missing nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to modify the plugin's font pairing settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-07
Last Modified
2026-03-07
Generated
2026-06-16
AI Q&A
2026-03-07
EPSS Evaluated
2026-06-15
NVD
CVE-2026-1086
EUVD
EUVD-2026-10127
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-352 The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': "The vulnerability in the Font Pairing Preview For Landing Pages WordPress plugin (versions up to and including 1.3) is a Cross-Site Request Forgery (CSRF) issue. It occurs because the plugin's settings update functionality lacks nonce validation, which is a security measure to verify that requests are legitimate and intended by authenticated users."}, {'type': 'paragraph', 'content': "Due to this missing nonce check, an attacker can craft a forged request that, if a site administrator is tricked into clicking a malicious link, allows the attacker to modify the plugin's font pairing settings without proper authorization."}, {'type': 'paragraph', 'content': 'Additionally, the plugin uses outdated input sanitization methods and does not properly escape user inputs in the HTML output, which could also lead to Cross-Site Scripting (XSS) vulnerabilities.'}] [1, 2]

Impact Analysis

[{'type': 'paragraph', 'content': 'This vulnerability can allow an unauthenticated attacker to change the font pairing settings of the plugin on a WordPress site by tricking an administrator into performing an action such as clicking a malicious link.'}, {'type': 'paragraph', 'content': "While the direct impact is limited to modifying font settings, this unauthorized change could be used as a vector for further attacks, especially considering the plugin's insufficient input sanitization and output escaping, which may enable Cross-Site Scripting (XSS) attacks."}, {'type': 'paragraph', 'content': 'Such attacks could lead to defacement, injection of malicious scripts, or other unauthorized actions within the affected WordPress site.'}, {'type': 'paragraph', 'content': 'The CVSS v3.1 base score of 4.3 reflects a low to medium severity, indicating that the vulnerability requires user interaction but does not directly compromise confidentiality or availability.'}] [1, 2]

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by checking if the WordPress site is running the Font Pairing Preview For Landing Pages plugin version 1.3 or earlier, which lacks nonce validation on the settings update functionality.'}, {'type': 'paragraph', 'content': "To detect exploitation attempts on your system or network, you can monitor HTTP requests to the plugin's settings update endpoint for suspicious POST requests that modify font pairing settings without proper authentication."}, {'type': 'paragraph', 'content': "Since the plugin stores settings in the WordPress options table under the key 'wp_fpp_settings', you can also inspect the database for unexpected changes to this option."}, {'type': 'list_item', 'content': "Use web server logs or a network monitoring tool to look for POST requests to URLs related to the plugin's settings page, especially those that include parameters like 'fpp-font-1', 'fpp-font-2', 'fpp-font1-size', etc."}, {'type': 'list_item', 'content': 'Example command to search web server logs for suspicious POST requests (adjust path and log file as needed):'}, {'type': 'list_item', 'content': "grep -i 'POST' /var/log/apache2/access.log | grep 'wp-font-pairing-settings.php'"}, {'type': 'list_item', 'content': 'Query the WordPress database to check the current font pairing settings:'}, {'type': 'list_item', 'content': "SELECT * FROM wp_options WHERE option_name = 'wp_fpp_settings';"}, {'type': 'paragraph', 'content': "Note that no specific detection commands are provided in the resources, so these suggestions are based on the plugin's behavior and storage."}] [1, 2]

Mitigation Strategies

[{'type': 'paragraph', 'content': 'To mitigate this Cross-Site Request Forgery vulnerability in the Font Pairing Preview For Landing Pages plugin (versions up to 1.3), immediate steps include:'}, {'type': 'list_item', 'content': 'Update the plugin to a version that includes nonce validation and proper security checks if such an update is available.'}, {'type': 'list_item', 'content': 'If no update is available, temporarily disable or deactivate the plugin to prevent exploitation.'}, {'type': 'list_item', 'content': 'Restrict access to the WordPress admin area to trusted users only and ensure administrators are aware not to click on suspicious links that could trigger forged requests.'}, {'type': 'list_item', 'content': "Implement web application firewall (WAF) rules to block unauthorized POST requests to the plugin's settings endpoint."}, {'type': 'list_item', 'content': 'Review and harden WordPress security settings, including enforcing strong administrator authentication and limiting plugin installation to trusted sources.'}] [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-1086. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart