CVE-2025-26567

Name of the Vulnerable Software and Affected Versions: Font Awesome WP versions n/a through 1.0

Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows DOM-Based XSS. This enables potential attackers to execute malicious scripts on the client-side.

Recommendations: For Font Awesome WP versions n/a through 1.0, as a temporary workaround, consider disabling any functionality that generates web pages based on user input until a patch is available. Restrict access to sensitive areas of the application to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.