Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:15 a.m.14 views

CVE-2022-4512

The Better Font Awesome WordPress plugin before 2.0.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.8CVSS5.8AI score0.00762EPSS
Exploits2References1
Circl
Circl
added 2025/03/21 8:25 p.m.8 views

CVE-2022-4512

creationtimestamp| type| source ---|---|--- 2025-03-21 20:25:01+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8436...

6.8CVSS5.5AI score0.00762EPSS
Exploits2References1
NVD
NVD
added 2023/02/13 3:15 p.m.22 views

CVE-2022-4512

The Better Font Awesome WordPress plugin before 2.0.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.8CVSS5.3AI score0.00762EPSS
Exploits2References1
OSV
OSV
added 2023/02/13 3:15 p.m.3 views

CVE-2022-4512

The Better Font Awesome WordPress plugin before 2.0.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.8AI score0.00762EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/02/13 2:32 p.m.23 views

CVE-2022-4512 Better Font Awesome < 2.0.4 - Contributor+ Stored XSS

The Better Font Awesome WordPress plugin before 2.0.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.5AI score0.00762EPSS
Exploits2References1
CVE
CVE
added 2023/02/13 2:32 p.m.66 views

CVE-2022-4512

The Better Font Awesome WordPress plugin is vulnerable to Stored XSS in versions before 2.0.4 due to insufficient validation/escaping of certain shortcode attributes before output. Impacted scope includes pages/posts embedding the shortcode, with attacker privileges at Contributor or higher able ...

6.8CVSS5.3AI score0.00762EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2023/01/18 12:0 a.m.18 views

WordPress Better Font Awesome Plugin < 2.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Better Font Awesome Type Plugin Vulnerable versions 2.0.4 Fixed in 2.0.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4512 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 3f338a1f451d Credits Lana Codes...

6.8CVSS5.6AI score0.00762EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder