Vulnerabilities > Tonjoostudio > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-17 | CVE-2016-10975 | Cross-site Scripting vulnerability in Tonjoostudio Fluid-Responsive-Slideshow The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has reflected XSS via the skin parameter. | 6.1 |
| 2018-01-09 | CVE-2018-5311 | Cross-site Scripting vulnerability in Tonjoostudio Easy Custom Auto Excerpt 2.4.6 The Easy Custom Auto Excerpt plugin 2.4.6 for WordPress has XSS via the tonjoo_ecae_options[custom_css] parameter to the wp-admin/admin.php?page=tonjoo_excerpt URI. | 5.4 |