VYPR

CSS Javascript Toolbox

by WordPress

Source repositories

CVEs (3)

  • CVE-2025-3703HigAug 14, 2025
    risk 0.49cvss 7.5epss 0.00

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wipeoutmedia CSS & JavaScript Toolbox css-javascript-toolbox allows PHP Local File Inclusion.This issue affects CSS & JavaScript Toolbox: from n/a through <…

  • CVE-2023-50823MedDec 21, 2023
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wipeout Media CSS & JavaScript Toolbox allows Stored XSS.This issue affects CSS & JavaScript Toolbox: from n/a through 11.7.

  • CVE-2025-11928MedNov 1, 2025
    risk 0.29cvss 4.4epss 0.00

    The CSS & JavaScript Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 12.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with…