[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fpT6lgDEl2MLN-mxqH1-GK5zXT3Q4x7zKGR7IepTELAE":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":14,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":55,"crawl_stats":36,"alternatives":63,"analysis":156,"fingerprints":226},"perfect-font-awesome-integration","Perfect Font Awesome Integration","2.3.1","WPOrbit Support","https:\u002F\u002Fprofiles.wordpress.org\u002Fkaushik07\u002F","\u003Cp>Perfect Font Awesome Integration plugin seamlessly adds latest font awesome icons to your wordpress site.\u003C\u002Fp>\n\u003Cp>How to use this plugin ?\u003C\u002Fp>\n\u003Cp>Install the plugin.\u003Cbr \u002F>\nGo to Posts > Add New\u003Cbr \u002F>\nIn the visual editor you will find [FA ICON] tab.\u003C\u002Fp>\n\u003Cp>Following settings are available :\u003C\u002Fp>\n\u003Cp>1) Fa Icon Code:(Eg: fa fa-pencil)\u003Cbr \u002F>\nList of all codes are available on :\u003Cbr \u002F>\nhttps:\u002F\u002Ffontawesome.com\u002Ficons\u003C\u002Fp>\n\u003Cp>2) Color:(Eg: #333333) leave blank for default\u003C\u002Fp>\n\u003Cp>3) Size : Choose from 2x to 5x larger.\u003C\u002Fp>\n\u003Cp>4) Alignment : If your icon is off from the text, use this option.\u003C\u002Fp>\n\u003Cp>5) Border: Gives a border to the icon.\u003C\u002Fp>\n\u003Cp>6) Float: Make the icon float left or right.\u003C\u002Fp>\n\u003Cp>7) Animate: Give a spinning animation to font awesome icon. Useful in loading type icons.\u003C\u002Fp>\n\u003Cp>8) Rotate\u002FFlip: Rotate the icon 90 to 270 degrees, Flip vertically and Horizontally.\u003C\u002Fp>\n\u003Cp>Press ok to insert the shortcode in post.\u003C\u002Fp>\n","Perfectly Integrates latest font awesome icons with your wordpress site as well as adds an Icon insert button in Tiny MCE wordpress editor.",100,7407,90,2,"2024-12-04T20:35:00.000Z","6.7.5","3.0","5.4",[20,21,22,23],"font-awesome","fontawesome","fontawesome-icons","fontawesome-integration","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fperfect-font-awesome-integration.zip",91,0,"2025-04-01 00:00:00","2026-03-15T15:16:48.613Z",[31,46],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":6,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":45},"CVE-2025-31861","perfect-font-awesome-integration-authenticated-contributor-stored-cross-site-scripting-2","Perfect Font Awesome Integration \u003C= 2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting","The Perfect Font Awesome Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=2.3","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-04-09 14:04:01",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F9d50c9e5-d7c3-46d6-b01b-0a8f0e6f019e?source=api-prod",9,{"id":47,"url_slug":48,"title":34,"description":49,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":6,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":50,"updated_date":51,"references":52,"days_to_patch":54},"CVE-2024-11891","perfect-font-awesome-integration-authenticated-contributor-stored-cross-site-scripting","The Perfect Font Awesome Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'pfai' shortcode in all versions up to, and including, 2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","2024-12-11 00:00:00","2024-12-12 04:23:10",[53],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F11aac185-191b-4f7b-8472-84d3decd582f?source=api-prod",1,{"slug":56,"display_name":7,"profile_url":8,"plugin_count":57,"total_installs":58,"avg_security_score":59,"avg_patch_time_days":60,"trust_score":61,"computed_at":62},"kaushik07",3,320,94,4,96,"2026-04-04T10:53:22.921Z",[64,87,106,122,139],{"slug":65,"name":66,"version":67,"author":68,"author_profile":69,"description":70,"short_description":71,"active_installs":72,"downloaded":73,"rating":74,"num_ratings":75,"last_updated":76,"tested_up_to":77,"requires_at_least":78,"requires_php":79,"tags":80,"homepage":83,"download_link":84,"security_score":85,"vuln_count":54,"unpatched_count":27,"last_vuln_date":86,"fetched_at":29},"advanced-custom-fields-font-awesome","Advanced Custom Fields: Font Awesome Field","5.0.2","Matt Keys","https:\u002F\u002Fprofiles.wordpress.org\u002Fmattkeys\u002F","\u003Cp>Add a \u003Ca href=\"http:\u002F\u002Ffontawesome.com\u002F\" rel=\"nofollow ugc\">Font Awesome\u003C\u002Fa> icon field type to Advanced Custom Fields.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Specify which FontAwesome icon sets to use (Solid, Regular, Light, Thin, Duotone, Duotone Sharp, Brands, and Custom Upload Icons) (Some features only available with FontAwesome 5.x or 6.x icons)\u003C\u002Fli>\n\u003Cli>Create your own custom filtered list of FontAwesome icons to use with your fields. Use different custom icon sets with different fields\u003C\u002Fli>\n\u003Cli>Returns Icon Element, Icon Class, Icon Unicode, or an Object including the element, class, unicode value, and SVG data (if applicable)\u003C\u002Fli>\n\u003Cli>Optionally enqueues Font Awesome in footer where needed (when a FontAwesome field is being used on the page))\u003C\u002Fli>\n\u003Cli>Integrates with the \u003Ca href=\"https:\u002F\u002Fdocs.fontawesome.com\u002Fapis\u002Fgraphql\" rel=\"nofollow ugc\">FontAwesome GraphQL\u003C\u002Fa> for loading your \u003Ca href=\"https:\u002F\u002Fdocs.fontawesome.com\u002Fweb\u002Fsetup\u002Fuse-kit\" rel=\"nofollow ugc\">FontAwesome Kits\u003C\u002Fa>, searching for icons, and loading the latest version of FontAwesome\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note: It is recommended to let this plugin enqueue the latest version of Font Awesome on your front-end; or include the latest version yourself using your \u003Ca href=\"https:\u002F\u002Fdocs.fontawesome.com\u002Fweb\u002Fsetup\u002Fuse-kit\" rel=\"nofollow ugc\">FontAwesome Kit\u003C\u002Fa>; so that available icons in the admin area will be displayed properly on your sites front-end.\u003C\u002Fp>\n\u003Ch4>Compatibility\u003C\u002Fh4>\n\u003Cp>This ACF field type is compatible with:\u003Cbr \u002F>\n* ACF 5.7+\u003Cbr \u002F>\n* FontAwesome 4.x, 5.x, 6.x and 7.x fonts\u003C\u002Fp>\n\u003Ch3>Optional Configuration\u003C\u002Fh3>\n\u003Ch3>Filters\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>ACFFA_always_enqueue_fa\u003C\u002Fstrong>: Return true to always enqueue FontAwesome on the frontend, even if no ACF FontAwesome fields are in use on the page. This will enqueue FontAwesome in the header instead of the footer.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>ACFFA_admin_enqueue_fa\u003C\u002Fstrong>: Return false to stop enqueueing FontAwesome in the admin area. Useful if you already have FontAwesome enqueued by some other means.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>ACFFA_get_icons\u003C\u002Fstrong>: (Applies to FontAwesome 4.x and 5.x icons only) Filter the array of icons and icon details loaded from the database\u003C\u002Fli>\n\u003Cli>\u003Cstrong>ACFFA_get_fa_url\u003C\u002Fstrong>: Filter the URL used for enqueuing FontAwesome in the frontend and admin areas of the site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>ACFFA_override_major_version\u003C\u002Fstrong>: Filter to manually set the ‘major’ version of FontAwesome to load (accepts either 4, 5, or 6). NOTE: This filter must be registered before any calls to ACF get_field() function are made.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>ACFFA_fa_api_key\u003C\u002Fstrong>: Filter to programmatically set the FontAwesome API key.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>ACFFA_fa_kit_token\u003C\u002Fstrong>: Filter to programmatically set the FontAwesome kit token.\u003C\u002Fli>\n\u003C\u002Ful>\n","Adds a new 'Font Awesome Icon' field to the popular Advanced Custom Fields plugin.",100000,1665691,98,36,"2026-01-09T09:54:00.000Z","6.9.4","3.5","5.6",[81,82,20,21],"acf","advanced-custom-fields","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fadvanced-custom-fields-font-awesome\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-custom-fields-font-awesome.5.0.2.zip",99,"2026-02-18 00:00:00",{"slug":88,"name":89,"version":90,"author":91,"author_profile":92,"description":93,"short_description":94,"active_installs":95,"downloaded":96,"rating":74,"num_ratings":45,"last_updated":97,"tested_up_to":98,"requires_at_least":99,"requires_php":79,"tags":100,"homepage":103,"download_link":104,"security_score":26,"vuln_count":14,"unpatched_count":27,"last_vuln_date":105,"fetched_at":29},"wp-font-awesome","WP Font Awesome","1.8.0","Zayed Baloch","https:\u002F\u002Fprofiles.wordpress.org\u002Fzayedbaloch\u002F","\u003Cp>This plugin allows you to easily embed Font Awesome icon to your website using HTML or built-in shortcode handlers.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Shortcode support. Example: For Font Awesome 5 \u003Ccode>[wpfa5s icon=\"\"]\u003C\u002Fcode>, \u003Ccode>[wpfa5r icon=\"\"]\u003C\u002Fcode>, \u003Ccode>[wpfab icon=\"\"]\u003C\u002Fcode>, and for Font Awesome 4.7+ \u003Ccode>[wpfa icon=\"\"]\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Use Larger Icon: \u003Ccode>[wpfa icon=\"\" size=\"2x\"]\u003C\u002Fcode>. Sizes: \u003Ccode>xs\u003C\u002Fcode>, \u003Ccode>sm\u003C\u002Fcode>, \u003Ccode>lg\u003C\u002Fcode>, \u003Ccode>2x\u003C\u002Fcode>, \u003Ccode>3x\u003C\u002Fcode>, \u003Ccode>5x\u003C\u002Fcode>, \u003Ccode>7x\u003C\u002Fcode>, \u003Ccode>10x\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Add Font Awesome icon in Menu with shortcode.\u003C\u002Fli>\n\u003Cli>Support shortocde in Widgets.\u003C\u002Fli>\n\u003Cli>Support post and page title.\u003C\u002Fli>\n\u003Cli>Font Awesome version 6\u003C\u002Fli>\n\u003Cli>Support Font Awesome version 5.+ and 4.7.0\u003C\u002Fli>\n\u003Cli>Add Font Awesome icon from editor Toolbar button.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Shortcodes\u003C\u002Fh4>\n\u003Cp>Introduced three new shortcode for Font Awesome support.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Font Awesome v6 & v5\u003C\u002Fstrong>\u003Cbr \u002F>\n    [wpfa5s icon=”home”] for Solid style.\u003Cbr \u002F>\n    [wpfa5r icon=”user”] for Regular style. \u003Cem>support only in few icon\u003C\u002Fem>.\u003Cbr \u002F>\n    [wpfa5b icon=”wordpress”] for Brands.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Font Awesome 4.7+\u003C\u002Fstrong>\u003Cbr \u002F>\n    [wpfa icon=””].\u003C\u002Fp>\n\u003Ch4>Note\u003C\u002Fh4>\n\u003Cp>The \u003Ccode>fa\u003C\u002Fcode> prefix has been deprecated in version 5. The new default is the \u003Ccode>fas\u003C\u002Fcode> solid style \u003Ccode>far\u003C\u002Fcode> regular style and the \u003Ccode>fab\u003C\u002Fcode> style for brands.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WP Font Awesome plugin still support Font Awesome version 4\u003C\u002Fstrong>\u003C\u002Fp>\n","This plugin allows you to easily embed Font Awesome icon to your site with simple shortcodes.",10000,151978,"2024-07-09T06:56:00.000Z","6.6.5","3.2",[20,101,21,102],"font-icon","icon","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-font-awesome\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-font-awesome.1.8.0.zip","2023-10-23 00:00:00",{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":11,"downloaded":114,"rating":11,"num_ratings":54,"last_updated":115,"tested_up_to":116,"requires_at_least":17,"requires_php":24,"tags":117,"homepage":119,"download_link":120,"security_score":121,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"easy-fontawesome","Easy Fontawesome","1.0","Andrew Gunn","https:\u002F\u002Fprofiles.wordpress.org\u002Famg26\u002F","\u003Cp>Add FontAwesome css icons to your site.\u003C\u002Fp>\n","Add FontAwesome css icons to your site.",5167,"2016-07-22T23:42:00.000Z","4.5.33",[118,107,20,21],"easy-font-awesome","http:\u002F\u002Fandrewgunn.xyz","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Feasy-fontawesome.zip",85,{"slug":123,"name":124,"version":125,"author":126,"author_profile":127,"description":128,"short_description":129,"active_installs":11,"downloaded":130,"rating":11,"num_ratings":54,"last_updated":131,"tested_up_to":132,"requires_at_least":133,"requires_php":18,"tags":134,"homepage":137,"download_link":138,"security_score":121,"vuln_count":27,"unpatched_count":27,"last_vuln_date":36,"fetched_at":29},"nm-font-awesome","NM Font Awesome","1.0.5","Mykhailo Nykoliuk","https:\u002F\u002Fprofiles.wordpress.org\u002Fnykoliuk\u002F","\u003Cp>NM Font Awersome makes it easy to add vector icons and social logos from \u003Ca href=\"https:\u002F\u002Ffontawesome.com\u002F\" rel=\"nofollow ugc\">Font Awesome\u003C\u002Fa> to your website. And version 5 is redesigned and built from the ground up!\u003C\u002Fp>\n\u003Ch4>Usage\u003C\u002Fh4>\n\u003Cp>Font Awesome version 5 icons can be any of 4 different styles, each with its own prefix.\u003Cbr \u002F>\nIn the free version of the plugin, you can use only 2 styles:\u003Cbr \u002F>\n* \u003Cstrong>Solid\u003C\u002Fstrong>, with style prefix \u003Ccode>fas\u003C\u002Fcode>\u003Cbr \u002F>\n* \u003Cstrong>Brands\u003C\u002Fstrong>, with style prefix \u003Ccode>fab\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Read the documentation \u003Ca href=\"https:\u002F\u002Ffontawesome.com\u002Fhow-to-use\u002Fsvg-with-js#additional-styling\" rel=\"nofollow ugc\">Additional Styling Classes\u003C\u002Fa> to use the plug-in’s features 100%.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NM Font Awersome gives you 2 ways of usage:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>1) SHORTCODE\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>[nm_fa name=\"fas fa-camera-retro\"]\n\n[nm_fa name=\"fas fa-camera-retro fa-2x\"]\n\n[nm_fa name=\"fas fa-cog fa-spin\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Where the name is the name of the class of the icon that you want to add.\u003C\u002Fp>\n\u003Cp>A complete list of icons you can find on \u003Ca href=\"https:\u002F\u002Ffontawesome.com\u002Ficons\" rel=\"nofollow ugc\">Font Awesome\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>2) TINYMCE\u003C\u002Fh4>\n\u003Cp>Select the desired icon in the drop-down menu.\u003C\u002Fp>\n\u003Ch4>3) HTML\u003C\u002Fh4>\n\u003Cp>To access the HTML editor, click on the “HTML” link on the tab at the top right of the text editor window in WordPress.\u003Cbr \u002F> If you don\\’t know how to use Font Awesome in HTML, you can read \u003Ca href=\"https:\u002F\u002Ffontawesome.com\u002Fhow-to-use\u002Fsvg-with-js#basic-use\" rel=\"nofollow ugc\">Font Awesome Basic Use\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Coming soon\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>In the near future there will be a PRO version, where you can use all Awesome Icons.\u003C\u002Fp>\n","Wordpress plugin that adds the latest version 5 of Font Awesome into your WordPress project.",3722,"2019-01-18T12:33:00.000Z","4.9.29","4.0",[135,20,21,102,136],"font","icons","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fnm-font-awesome\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fnm-font-awesome.zip",{"slug":140,"name":141,"version":142,"author":143,"author_profile":144,"description":145,"short_description":146,"active_installs":13,"downloaded":147,"rating":27,"num_ratings":27,"last_updated":148,"tested_up_to":16,"requires_at_least":149,"requires_php":150,"tags":151,"homepage":153,"download_link":154,"security_score":26,"vuln_count":54,"unpatched_count":27,"last_vuln_date":155,"fetched_at":29},"surbma-font-awesome","Surbma | Font Awesome","3.1","Surbma","https:\u002F\u002Fprofiles.wordpress.org\u002Fsurbma\u002F","\u003Cp>With this plugin you can use the iconic font and CSS toolkit, the Font Awesome icons. It is loading the css and the font files from the MaxCDN network, which means super fast loading, wherever your visitors are on this planet.\u003C\u002Fp>\n\u003Cp>You get also a very useful shortcode to use icons on your site:\u003Cbr \u002F>\n    [fa class=”fa-camera-retro”]\u003C\u002Fp>\n\u003Cp>As you can see, you only need to add the icon name, that’s it. Isn’t it awesome? If you use the \u003Ccode>\u003Ci class=\"fa fa-camera-retro\">\u003C\u002Fi>\u003C\u002Fcode> code, the WordPress editor will remove it, because it is an empty code, which “should be removed”. So with this shortcode, you can use the Font Awesome icons wherever you want.\u003C\u002Fp>\n\u003Cp>Font Awesome official site and all the icons: \u003Ca href=\"http:\u002F\u002Ffortawesome.github.io\u002FFont-Awesome\u002F\" rel=\"nofollow ugc\">Font Awesome website »\u003C\u002Fa>\u003C\u002Fp>\n","Font Awesome - The iconic font and CSS toolkit",6603,"2024-12-30T22:46:00.000Z","5.1","7.4",[20,21,152,136],"icon-font","https:\u002F\u002Fsurbma.com\u002Fwordpress-plugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsurbma-font-awesome.3.1.zip","2024-11-08 00:00:00",{"attackSurface":157,"codeSignals":195,"taintFlows":211,"riskAssessment":212,"analyzedAt":225},{"hooks":158,"ajaxHandlers":187,"restRoutes":188,"shortcodes":189,"cronEvents":194,"entryPointCount":54,"unprotectedCount":27},[159,165,170,174,179,183],{"type":160,"name":161,"callback":162,"file":163,"line":164},"action","admin_menu","pfai_admin_page","admin\\admin-page.php",17,{"type":160,"name":166,"callback":167,"file":168,"line":169},"wp_enqueue_scripts","pfai_plugtohead","perfect-font-awesome-integration.php",15,{"type":160,"name":171,"callback":172,"file":168,"line":173},"admin_head","pfai_add_fa_tc_button",21,{"type":175,"name":176,"callback":177,"file":168,"line":178},"filter","mce_external_plugins","pfai_add_tinymce_plugin",24,{"type":175,"name":180,"callback":181,"file":168,"line":182},"mce_buttons","pfai_register_fa_tc_button",25,{"type":160,"name":184,"callback":185,"file":168,"line":186},"init","pfai_register_shortcode",56,[],[],[190],{"tag":191,"callback":192,"file":168,"line":193},"pfai","pfai_shortcode_func",58,[],{"dangerousFunctions":196,"sqlUsage":197,"outputEscaping":199,"fileOperations":27,"externalRequests":27,"nonceChecks":27,"capabilityChecks":27,"bundledLibraries":210},[],{"prepared":27,"raw":27,"locations":198},[],{"escaped":14,"rawEcho":60,"locations":200},[201,204,206,208],{"file":163,"line":202,"context":203},23,"raw output",{"file":163,"line":205,"context":203},33,{"file":163,"line":207,"context":203},35,{"file":163,"line":209,"context":203},39,[],[],{"summary":213,"deductions":214},"The plugin 'perfect-font-awesome-integration' v2.3.1 presents a mixed security posture. On the positive side, the static analysis reveals no dangerous functions, all SQL queries use prepared statements, there are no file operations or external HTTP requests, and the total attack surface is minimal with only one shortcode entry point, which appears to be unprotected. The absence of taint analysis findings further suggests no obvious immediate risks from input sanitization or data flow issues. However, a significant concern is the low output escaping rate of only 33%. This indicates that user-supplied data or dynamic content rendered within the plugin's output might be susceptible to cross-site scripting (XSS) vulnerabilities if not handled properly in the remaining unescaped output points.\n\nThe plugin's vulnerability history is a notable red flag, with a total of two known medium-severity CVEs, both related to Cross-Site Scripting (XSS). While there are currently no unpatched vulnerabilities, the historical prevalence of XSS issues, especially the most recent one dating to April 2025, suggests a recurring pattern of insecure output handling. This pattern, coupled with the low proper output escaping rate identified in the static analysis, strongly points to a systemic weakness in how the plugin sanitizes and escapes data before rendering it to the user. The lack of capability checks and nonce checks on the entry points, while not necessarily an immediate vulnerability given the limited attack surface, are generally considered good security practices for entry points that could potentially process user input.",[215,218,221,223],{"reason":216,"points":217},"Low output escaping rate",12,{"reason":219,"points":220},"Past medium severity CVEs",10,{"reason":222,"points":60},"Lack of capability checks on entry points",{"reason":224,"points":60},"Lack of nonce checks on entry points","2026-03-16T20:34:08.827Z",{"wat":227,"direct":234},{"assetPaths":228,"generatorPatterns":230,"scriptPaths":231,"versionParams":233},[229],"\u002Fwp-content\u002Fplugins\u002Fperfect-font-awesome-integration\u002Ffontawesome\u002Fcss\u002Fall.css",[],[232],"\u002Fwp-content\u002Fplugins\u002Fperfect-font-awesome-integration\u002Ffa-button.js",[],{"cssClasses":235,"htmlComments":237,"htmlAttributes":238,"restEndpoints":239,"jsGlobals":240,"shortcodeOutput":241},[236],"wp-menu-image",[],[],[],[],[242,243],"\u003Ci style=\"color:","class=\""]