Medium severity5.4NVD Advisory· Published Jan 9, 2018· Updated Jun 17, 2026
CVE-2018-5311
CVE-2018-5311
Description
The Easy Custom Auto Excerpt plugin 2.4.6 for WordPress has XSS via the tonjoo_ecae_options[custom_css] parameter to the wp-admin/admin.php?page=tonjoo_excerpt URI.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=2.4.6+ 1 more
- (no CPE)range: <=2.4.6
- (no CPE)range: =2.4.6
Patches
Vulnerability mechanics
References
2- github.com/d4wner/Vulnerabilities-Report/blob/master/easy-custom-auto-excerpt.mdnvdExploitThird Party Advisory
- wordpress.org/support/topic/stored-xss-bugs-at-the-latest-version-of-easy-custom-auto-excerpt/nvdBroken Link
News mentions
0No linked articles in our index yet.