What the vulnerability does
01Description
Cross-Site Request Forgery (CSRF) vulnerability in Mickey Kay's Better Font Awesome plugin <= 2.0.1 at WordPress.
CVE-2022-37405
MEDIUM
CVE-2022-37405: WordPress Better Font Awesome plugin <= 2.0.1 - Cross-Site Request Forgery (CSRF) vulnerability
CVSS base score
4.3/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Key dates
02Disclosure timeline
September 9, 2022
CVE published
April 28, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-23639 WordPress MDC YouTube Downloader plugin <= 3.0.0 - CSRF to Stored XSS vulnerability
CVE-2020-7336 Network Security Management (NSM) - Cross Site Request Forgery vulnerability
CVE-2025-39374 WordPress Best Posts Summary plugin <= 1.0 - CSRF to Stored XSS vulnerability
CVE-2023-6671 Cross-Site Request Forgery on OPEN JOURNAL SYSTEMS
CVE-2024-32693 WordPress Automatic plugin < 3.93.0 - Multiple Cross Site Request Forgery (CSRF) vulnerability
