Yellowpencil Visual Css Style Editor — known CVE vulnerabilities
Every CVE whose affected-product data names Yellowpencil Visual Css Style Editor, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2019-11886 — CVSS 8.8 (high): The WaspThemes Visual CSS Style Editor (aka yellow-pencil-visual-theme-customizer) plugin before 7.2.1 for WordPress allows…
CVE-2021-24934 — CVSS 6.1 (medium): The Visual CSS Style Editor WordPress plugin before 7.5.4 does not sanitise and escape the wyp_page_type parameter before outputting it…