Vulnerabilities > Tonjoostudio > Easy Custom Auto Excerpt > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-09 | CVE-2018-5311 | Cross-site Scripting vulnerability in Tonjoostudio Easy Custom Auto Excerpt 2.4.6 The Easy Custom Auto Excerpt plugin 2.4.6 for WordPress has XSS via the tonjoo_ecae_options[custom_css] parameter to the wp-admin/admin.php?page=tonjoo_excerpt URI. | 5.4 |