Vulnerabilities > Tonjoostudio

DATE CVE VULNERABILITY TITLE RISK
2019-09-17 CVE-2016-10975 Cross-site Scripting vulnerability in Tonjoostudio Fluid-Responsive-Slideshow
The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has reflected XSS via the skin parameter.
network
low complexity
tonjoostudio CWE-79
6.1
2019-09-17 CVE-2016-10974 Cross-Site Request Forgery (CSRF) vulnerability in Tonjoostudio Fluid-Responsive-Slideshow
The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has frs_save CSRF with resultant stored XSS.
network
low complexity
tonjoostudio CWE-352
8.8
2018-01-09 CVE-2018-5311 Cross-site Scripting vulnerability in Tonjoostudio Easy Custom Auto Excerpt 2.4.6
The Easy Custom Auto Excerpt plugin 2.4.6 for WordPress has XSS via the tonjoo_ecae_options[custom_css] parameter to the wp-admin/admin.php?page=tonjoo_excerpt URI.
network
low complexity
tonjoostudio CWE-79
5.4