VYPR

My Custom CSS

by WordPress

CVEs (2)

  • CVE-2025-48096MedOct 22, 2025
    risk 0.42cvss 6.5epss 0.00

    Missing Authorization vulnerability in FRESHFACE Custom CSS custom-css-editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom CSS: from n/a through <= 1.4.0.

  • CVE-2024-7410MedAug 12, 2024
    risk 0.34cvss 5.3epss 0.00

    The My Custom CSS PHP & ADS plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.3. This is due the plugin not preventing direct access to the /my-custom-css/vendor/mobiledetect/mobiledetectlib/export/exportToJSON.php file and and…