cleantalk
Vulnerabilities and Security Researches

Advanced Custom Fields: Font Awesome Field, CVE-2026-49044

CVE, Research URL

CVE-2026-49044

Home page URL

Security reports for Advanced Custom Fields: Font Awesome Field

Application

Advanced Custom Fields: Font Awesome Field

Published on
May 27, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Justin Kruit Advanced Custom Fields: Font Awesome Field allows Stored XSS. This issue affects Advanced Custom Fields: Font Awesome Field: from n/a through 5.0.2.
Affected versions
max 5.0.2.
Status
vulnerable
Previous vulnerability researches
Responsive Check (CVE-2026-8844) , May 28, 2026
New vulnerability
Online Service Booking System & Reservation Plugin – WpBookingly (CVE-2026-25444) , May 28, 2026
Ads by WPQuads – Adsense Ads, Banner Ads, Popup Ads (CVE-2026-42732) , May 28, 2026
PropertyHive (CVE-2026-42729) , May 28, 2026
Facebook for WooCommerce (CVE-2026-49059) , May 28, 2026
SVG Support (CVE-2026-48973) , May 28, 2026