Every CVE whose affected-product data names Tinymce Color Picker, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2014-3845 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in the TinyMCE Color Picker plugin before 1.2 for WordPress allows remote attackers to…
CVE-2014-3844 — CVSS 5.0 (medium): The TinyMCE Color Picker plugin before 1.2 for WordPress does not properly check permissions, which allows remote attackers to modify…