Every CVE whose affected-product data names Tinymce Custom Styles Project Tinymce Custom Styles, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2023-23995 — CVSS 5.9 (medium): Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tim Reeves & David Stöckl TinyMCE Custom Styles plugin <= 1.1.2 versions.
CVE-2023-2967 — CVSS 4.8 (medium): The TinyMCE Custom Styles WordPress plugin before 1.1.4 does not sanitise and escape some of its settings, which could allow high privilege…