GHSA-jvxm-pqmv-6427MediumCVSS 6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
🔗 CVE IDs covered (1)
📋 Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Justin Kruit Advanced Custom Fields: Font Awesome Field allows Stored XSS.
This issue affects Advanced Custom Fields: Font Awesome Field: from n/a through 5.0.2.
🔗 References (3)
- https://nvd.nist.gov/vuln/detail/CVE-2026-49044
- https://patchstack.com/database/wordpress/plugin/advanced-custom-fields-font-awesome/vulnerability/wordpress-advanced-custom-fields-font-awesome-field-plugin-5-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve
- https://github.com/advisories/GHSA-jvxm-pqmv-6427