VYPR

Editor Custom Color Palette

by Rouergue Création

CVEs (2)

  • CVE-2025-57909MedSep 22, 2025
    risk 0.42cvss 6.5epss 0.00

    Missing Authorization vulnerability in Rouergue Création Editor Custom Color Palette editor-custom-color-palette allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Editor Custom Color Palette: from n/a through <= 3.5.6.

  • CVE-2024-9642MedOct 26, 2024
    risk 0.35cvss 6.4epss 0.00

    The Editor Custom Color Palette plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.3.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with…