Security for everyone

CVE-2016-1000126 Scanner

Detects 'Cross-Site Scripting (XSS)' vulnerability in Admin Font Editor plugin for WordPress affects v. 1.8.


Short Info




Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one


Parent Category

CVE-2016-1000126 Scanner Detail

The Admin Font Editor plugin is a popular WordPress plugin used for designing and customizing website fonts. This plugin allows website owners to easily modify their website's fonts and create a unique brand identity. With this plugin, users can choose from a wide range of font families and font sizes, including custom fonts.

However, this plugin has a serious vulnerability, CVE-2016-1000126. This vulnerability can be exploited through a reflected XSS attack, which allows attackers to inject malicious code into a website. The vulnerability exists due to the lack of sanitization of user input.

When exploited, this vulnerability can lead to various consequences, ranging from the theft of sensitive data to complete website takeover by attackers. The attacker can use the vulnerability to launch phishing attacks and steal sensitive information, such as login credentials, credit card information, and other personal data. This vulnerability can also be used to modify or delete website content, leading to reputational damage and loss of business.

By using the pro features of the platform, website owners and developers can easily and quickly learn about vulnerabilities in their digital assets, including WordPress plugins like the Admin Font Editor. Utilizing the platform's features, users can identify vulnerabilities, assess the risks, and take appropriate measures to protect against attacks. With the help of, website owners can ensure that their digital assets remain secure and protected against malicious attacks.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture