Custom Css, Js & Php Security Vulnerabilities and Issues — Custom Css, Js & Php CVE List

Lucene search

WpfactoryCustom Css, Js & Php

2 matches found

CVE•added 2025/04/16 1:15 p.m.•44 views

CVE-2025-39601

Cross-Site Request Forgery (CSRF) vulnerability in WPFactory Custom CSS, JS & PHP allows Remote Code Inclusion. This issue affects Custom CSS, JS & PHP: from n/a through 2.4.1.

9.6CVSS9.6AI score0.00009EPSS

CVE•added 2023/10/20 8:15 a.m.•25 views

CVE-2021-4418

The Custom CSS, JS & PHP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.7. This is due to missing or incorrect nonce validation on the save() function. This makes it possible for unauthenticated attackers to save code snippets via a forged req...

4.3CVSS4.5AI score0.00137EPSS