This issue affects Advanced Custom Fields: Font Awesome Field: from n/a through 5.0.2.
Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Thu, 28 May 2026 05:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Justinkruit
Justinkruit advanced Custom Fields:font Awesome Field Wordpress Wordpress wordpress |
|
| Vendors & Products |
Justinkruit
Justinkruit advanced Custom Fields:font Awesome Field Wordpress Wordpress wordpress |
Wed, 27 May 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 27 May 2026 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Justin Kruit Advanced Custom Fields: Font Awesome Field allows Stored XSS. This issue affects Advanced Custom Fields: Font Awesome Field: from n/a through 5.0.2. | |
| Title | WordPress Advanced Custom Fields: Font Awesome Field plugin <= 5.0.2 - Cross Site Scripting (XSS) vulnerability | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-05-27T16:07:03.872Z
Reserved: 2026-05-27T08:41:55.487Z
Link: CVE-2026-49044
Updated: 2026-05-27T16:06:58.614Z
Status : Deferred
Published: 2026-05-27T15:16:32.817
Modified: 2026-06-17T10:55:27.463
Link: CVE-2026-49044
No data.
OpenCVE Enrichment
Updated: 2026-05-28T04:45:07Z