Better Font Awesome Project Better Font Awesome — known CVE vulnerabilities
Every CVE whose affected-product data names Better Font Awesome Project Better Font Awesome, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-4512 — CVSS 5.4 (medium): The Better Font Awesome WordPress plugin before 2.0.4 does not validate and escape some of its shortcode attributes before outputting them…
CVE-2022-37405 — CVSS 4.3 (medium): Cross-Site Request Forgery (CSRF) vulnerability in Mickey Kay's Better Font Awesome plugin <= 2.0.1 at WordPress.