CVE-2023-0271

The CVE-2023-0271 entry concerns the WP Font Awesome WordPress plugin prior to version 1.7.9. The issue arises from insufficient validation and escaping of certain shortcode attributes, which can lead to Stored Cross-Site Scripting when the shortcode is embedded in a page or post. Affected produc...

CVE-2023-5127

CVE-2023-5127 affects the WP Font Awesome WordPress plugin (versions ≤ 1.7.9). The vulnerability is a stored XSS via shortcode attributes, specifically the icon attribute, allowing authenticated users with contributor+ privileges to inject scripts into pages executed when viewed. Evidence from mu...