cleantalk
Vulnerabilities and Security Researches

Advanced Custom Fields: Font Awesome Field, CVE-2025-14983

CVE, Research URL

CVE-2025-14983

Home page URL

Security reports for Advanced Custom Fields: Font Awesome Field

Application

Advanced Custom Fields: Font Awesome Field

Published on
Feb 19, 2026
Research Description
The Advanced Custom Fields: Font Awesome Field plugin for WordPress is vulnerable to Cross-Site Scripting in all versions up to, and including, 5.0.1 due to insufficient input sanitization and output escaping. This makes it possible forauthenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts that execute in a victim's browser.
Affected versions
max 5.0.2.
Status
vulnerable
Previous vulnerability researches
Cool Tag Cloud (CVE-2025-13614) , Dec 11, 2025
Cool Tag Cloud (CVE-2025-69011) , Feb 27, 2026
Cool Tag Cloud (CVE-2021-24682) , Jun 07, 2024
New vulnerability
Court Reservation – Manage Your Court Bookings Online (CVE-2025-68852) , Feb 27, 2026
MailerLite – Signup forms (official) (CVE-2026-25420) , Feb 27, 2026
Starfish Review Generation & Marketing for WordPress (CVE-2025-15157) , Feb 27, 2026
Simple File List (CVE-2026-24953) , Feb 27, 2026
Visual Link Preview (CVE-2026-24984) , Feb 27, 2026