Skip to main content

Visual Css Style Editor

1 CVEs product

Monthly

CVE-2019-11886 HIGH POC This Week

The WaspThemes Visual CSS Style Editor (aka yellow-pencil-visual-theme-customizer) plugin before 7.2.1 for WordPress allows yp_option_update CSRF, as demonstrated by use of yp_remote_get to obtain. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Visual Css Style Editor
NVD
CVSS 3.0
8.8
EPSS
1.9%
EPSS 2% CVSS 8.8
HIGH POC This Week

The WaspThemes Visual CSS Style Editor (aka yellow-pencil-visual-theme-customizer) plugin before 7.2.1 for WordPress allows yp_option_update CSRF, as demonstrated by use of yp_remote_get to obtain. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Visual Css Style Editor
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy