Design/Logic Flaw

2018-01-0905:29:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

25.0%

JSON

The Easy Custom Auto Excerpt plugin 2.4.6 for WordPress has XSS via the tonjoo_ecae_options[custom_css] parameter to the wp-admin/admin.php?page=tonjoo_excerpt URI.

CPENameOperatorVersion
easy_custom_auto_excerpteq2.4.6

CPE	Name	Operator	Version
	easy_custom_auto_excerpt	eq	2.4.6

References

github.com/d4wner/Vulnerabilities-Report/blob/master/easy-custom-auto-excerpt.md

wordpress.org/support/topic/stored-xss-bugs-at-the-latest-version-of-easy-custom-auto-excerpt/

0.001 Low

EPSS

Percentile

25.0%

JSON

Related for PRION:CVE-2018-5311