Aggregates CVE and security vulnerability intelligence across all tonjoostudio-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Disclosed issues often relate to vendor risk cross-site scripting and vendor risk csrf; exposure may include vendor impact session compromise in vendor surface software deployment contexts.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2016-10975 | The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has reflected XSS via the skin parameter. | [email protected] | 6.1 | 0.19% | 2019-09-17 | 2024-11-21 |
| CVE-2016-10974 | The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has frs_save CSRF with resultant stored XSS. | [email protected] | 8.8 | 0.11% | 2019-09-17 | 2024-11-21 |
| CVE-2018-5311 | The Easy Custom Auto Excerpt plugin 2.4.6 for WordPress has XSS via the tonjoo_ecae_options[custom_css] parameter to the wp-admin/admin.php?page=tonjoo_excerpt URI. | [email protected] | 5.4 | 0.18% | 2018-01-09 | 2024-11-21 |