VYPR

Easy Custom Auto Excerpt

by WordPress

CVEs (2)

  • CVE-2018-5311MedJan 9, 2018
    risk 0.35cvss 5.4epss 0.01

    The Easy Custom Auto Excerpt plugin 2.4.6 for WordPress has XSS via the tonjoo_ecae_options[custom_css] parameter to the wp-admin/admin.php?page=tonjoo_excerpt URI.

  • CVE-2024-3312MedMay 2, 2024
    risk 0.34cvss 5.3epss 0.01

    The Easy Custom Auto Excerpt plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4.12. This makes it possible for unauthenticated attackers to obtain excerpts of password-protected posts.