CVE-2023-5127
CVE-2023-5127 affects the WP Font Awesome WordPress plugin (versions ≤ 1.7.9). The vulnerability is a stored XSS via shortcode attributes, specifically the icon attribute, allowing authenticated users with contributor+ privileges to inject scripts into pages executed when viewed. Evidence from mu...