Lucene search

K
cvelistWPScanCVELIST:CVE-2021-24599
HistorySep 06, 2021 - 11:09 a.m.

CVE-2021-24599 Email Encoder < 2.1.2 - Reflected Cross Site Scripting

2021-09-0611:09:31
CWE-79
WPScan
www.cve.org

0.001 Low

EPSS

Percentile

43.2%

The Email Encoder – Protect Email Addresses WordPress plugin before 2.1.2 has an endpoint that requires no authentication and will render a user supplied value in the HTML response without escaping or sanitizing the data.

CNA Affected

[
  {
    "product": "Email Encoder – Protect Email Addresses",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "2.1.2",
        "status": "affected",
        "version": "2.1.2",
        "versionType": "custom"
      }
    ]
  }
]

0.001 Low

EPSS

Percentile

43.2%

Related for CVELIST:CVE-2021-24599