3 matches found
CVE-2023-0271
The CVE-2023-0271 entry concerns the WP Font Awesome WordPress plugin prior to version 1.7.9. The issue arises from insufficient validation and escaping of certain shortcode attributes, which can lead to Stored Cross-Site Scripting when the shortcode is embedded in a page or post. Affected produc...
CVE-2023-0271 WP Font Awesome < 1.7.9 - Contributor+ Stored XSS
The WP Font Awesome WordPress plugin before 1.7.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
WordPress WP Font Awesome Plugin < 1.7.9 is vulnerable to Cross Site Scripting (XSS)
Software WP Font Awesome Type Plugin Vulnerable versions 1.7.9 Fixed in 1.7.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0271 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 95fc32edf992 Credits István Márton Requir...