Does Easy Custom Css/Js have any unpatched vulnerabilities?

No. All known vulnerabilities in Easy Custom Css/Js have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Easy Custom Css/Js compatible with WordPress 6.1.10?

According to WordPress.org data, Easy Custom Css/Js 2.1 has been tested up to WordPress 6.1.10. Check the plugin's changelog for the latest compatibility information.

How often is Easy Custom Css/Js updated?

Easy Custom Css/Js was last updated on Jan 28, 2023. Frequent updates are generally a positive security signal.

What is Easy Custom Css/Js's security score?

Easy Custom Css/Js has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Easy Custom Css/Js Security & Risk Analysis

wordpress.org/plugins/easy-custom-cssjs

Add custom css to specific posts and pages and also option for responsive css, sass, less And Javascript.

100 active installs v2.1 PHP + WP 5.0+ Updated Jan 28, 2023

csscustomcustom-cssjsstylesheet

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Easy Custom Css/Js Safe to Use in 2026?

Generally Safe

Score 85/100

Easy Custom Css/Js has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago

Risk Assessment

The "easy-custom-cssjs" plugin v2.1 exhibits a mixed security posture. On the positive side, it has no known CVEs, a clean vulnerability history, and demonstrates good practices in handling SQL queries with prepared statements and implementing nonce and capability checks. The attack surface also appears minimal with no AJAX handlers, REST API routes, shortcodes, or cron events directly exposed. However, the presence of the `unserialize` function is a significant concern, as it can be a vector for deserialization vulnerabilities if not handled with extreme care and proper input validation. Furthermore, the taint analysis reveals 3 flows with unsanitized paths, indicating potential risks where user-supplied data might be used in a way that could lead to unauthorized access or execution, even though no critical or high severity issues were flagged directly. The low percentage of properly escaped output (26%) also raises concerns about potential cross-site scripting (XSS) vulnerabilities.

Key Concerns

Dangerous function unserialize used
Flows with unsanitized paths found
Low percentage of output escaping

Vulnerabilities

None known

Easy Custom Css/Js Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Easy Custom Css/Js Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

18 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$imports = unserialize(file_get_contents($icache));include\scss.inc.php:4498

Output Escaping

26% escaped69 total outputs

Data Flows

3 unsanitized

Data Flow Analysis

4 flows3 with unsanitized paths

serve (include\scss.inc.php:4553)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Easy Custom Css/Js Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 11

actionplugins_loadedspcc-custom-css.php:46

actionadmin_initspcc-custom-css.php:48

actionadmin_initspcc-custom-css.php:57

actionwp_headspcc-custom-css.php:114

actionadmin_menuspcc_class.php:13

actionadmin_initspcc_class.php:14

actionadd_meta_boxesspcc_class.php:15

actionsave_postspcc_class.php:16

actioninitspcc_class.php:17

actionwp_enqueue_scriptsspcc_class.php:18

actionwp_headspcc_class.php:19

Maintenance & Trust

Easy Custom Css/Js Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10

Last updatedJan 28, 2023

PHP min version

Downloads6K

Community Trust

Rating86/100

Number of ratings3

Active installs100

Alternatives

Easy Custom Css/Js Alternatives

Simple Custom CSS and JS

custom-css-js

100

Easily add Custom CSS or JS to your website with an awesome editor.

700K 1 CVE

WP Add Custom CSS

wp-add-custom-css

100

Add custom css to the whole website and to specific posts and pages.

60K No CVEs

Custom CSS and JavaScript

custom-css-and-javascript

Easily add custom CSS and JavaScript code to your WordPress site, with draft previewing, revisions, and minification!

10K No CVEs

Custom CSS

custom-css-editor

Add custom CSS, JS, PHP, tracking code. Very easy to use!

1K 1 unpatched

Live Custom CSS JS Code Editor

live-css-js-code-editor

Live Custom CSS JS Code Editor allows you to easily add custom CSS, JavaScript, Header, Footer Code to your site, straight from your WordPress Customi …

400 No CVEs

Developer Profile

Easy Custom Css/Js Developer Profile

SunilPrajapati

1 plugin · 100 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Easy Custom Css/Js

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/easy-custom-cssjs/css/bootstrap.css/wp-content/plugins/easy-custom-cssjs/css/spcc_custom.css/wp-content/plugins/easy-custom-cssjs/js/src-min/ace.js/wp-content/plugins/easy-custom-cssjs/js/spcc_custom.js

Script Paths

/wp-content/plugins/easy-custom-cssjs/js/src-min/ace.js/wp-content/plugins/easy-custom-cssjs/js/spcc_custom.js

Version Parameters

easy-custom-cssjs/css/bootstrap.css?ver=easy-custom-cssjs/css/spcc_custom.css?ver=easy-custom-cssjs/js/src-min/ace.js?ver=easy-custom-cssjs/js/spcc_custom.js?ver=

HTML / DOM Fingerprints

JS Globals

ace

FAQ