2 matches found
CVE-2018-5311
The Easy Custom Auto Excerpt plugin 2.4.6 for WordPress has XSS via the tonjooecaeoptionscustomcss parameter to the wp-admin/admin.php?page=tonjooexcerpt URI...
CVE-2018-5311
The CVE-2018-5311 entry concerns WordPress plugin Easy Custom Auto Excerpt (v2.4.6) vulnerable to stored/reflected XSS via the tonjoo_ecae_options[custom_css] parameter passed to wp-admin/admin.php?page=tonjoo_excerpt. Affected component: the plugin’s admin settings handling for custom CSS, enabl...