Font Awesome 4.0.0-RC15 & RC16 - API Token & Access Token Disclosure



Description
"The vulnerability exposes the Font Awesome API token and access token for users who have configured the plugin to use a kit. If compromised, these tokens could give an unauthorized person access to that user’s list of kits and kit settings."

Affects Plugin

fixed in version 4.0.0-RC17

References

URL https://blog.fontawesome.com/font-awesome-wordpress-plugin-api-token-vulnerability-fixed/

Classification

Type UNKNOWN

Miscellaneous

Views 2111
Verified No
WPVDB ID 10122

Timeline

Publicly Published 2020-03-11 (4 months ago)
Added 2020-03-11 (4 months ago)
Last Updated 2020-03-12 (4 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin