Better Font Awesome@* Security Vulnerabilities and Issues — Better Font Awesome@* CVE List

Lucene search

Better Font Awesome ProjectBetter Font Awesome*

3 matches found

CVE•added 2022/09/09 3:15 p.m.•63 views

CVE-2022-37405

Cross-Site Request Forgery (CSRF) vulnerability in Mickey Kay's Better Font Awesome plugin

8.8CVSS6.5AI score0.0025EPSS

CVE•added 2023/01/16 4:15 p.m.•54 views

CVE-2022-4478

The Font Awesome WordPress plugin before 4.3.2 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks against logged-in admins.

5.4CVSS5.4AI score0.00113EPSS

CVE•added 2023/02/13 3:15 p.m.•52 views

CVE-2022-4512

The Better Font Awesome WordPress plugin before 2.0.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

6.8CVSS5.3AI score0.00385EPSS