Lucene search
+L

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-12350

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00471EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:40 a.m.9 views

CVE-2023-5127

The WP Font Awesome plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 1.7.9 due to insufficient input sanitization and output escaping on 'icon' user supplied attribute. This makes it possible for authenticated attackers with...

6.4CVSS5.8AI score0.00565EPSS
Exploits0References1
Prion
Prion
added 2023/10/25 6:17 p.m.22 views

Cross site scripting

The WP Font Awesome plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 1.7.9 due to insufficient input sanitization and output escaping on 'icon' user supplied attribute. This makes it possible for authenticated attackers with...

4.9CVSS5.2AI score0.00565EPSS
Exploits0References9Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/24 1:52 p.m.3 views

CVE-2023-5127 WP Font Awesome <= 1.7.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The WP Font Awesome plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 1.7.9 due to insufficient input sanitization and output escaping on 'icon' user supplied attribute. This makes it possible for authenticated attackers with...

6.4CVSS6.1AI score0.00565EPSS
Exploits0References10
CVE
CVE
added 2023/10/24 1:52 p.m.46 views

CVE-2023-5127

CVE-2023-5127 affects the WP Font Awesome WordPress plugin (versions ≤ 1.7.9). The vulnerability is a stored XSS via shortcode attributes, specifically the icon attribute, allowing authenticated users with contributor+ privileges to inject scripts into pages executed when viewed. Evidence from mu...

6.4CVSS5.2AI score0.00565EPSS
Exploits0References10Affected Software1
NVD
NVD
added 2023/02/21 9:15 a.m.16 views

CVE-2023-0271

The WP Font Awesome WordPress plugin before 1.7.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.3AI score0.00471EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/02/21 8:50 a.m.6 views

CVE-2023-0271 WP Font Awesome < 1.7.9 - Contributor+ Stored XSS

The WP Font Awesome WordPress plugin before 1.7.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.3AI score0.00471EPSS
Exploits2References1
CVE
CVE
added 2023/02/21 8:50 a.m.58 views

CVE-2023-0271

The CVE-2023-0271 entry concerns the WP Font Awesome WordPress plugin prior to version 1.7.9. The issue arises from insufficient validation and escaping of certain shortcode attributes, which can lead to Stored Cross-Site Scripting when the shortcode is embedded in a page or post. Affected produc...

5.4CVSS5.3AI score0.00471EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder