EUVD-2023-52798

Malicious code in bioql PyPI...

EUVD-2024-40414

Malicious code in bioql PyPI...

CVE-2024-43927

Cross-Site Request Forgery CSRF vulnerability in Till Krüss Email Address Encoder email-address-encoder allows Cross Site Request Forgery.This issue affects Email Address Encoder: from n/a through = 1.0.23...

CVE-2023-48765

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Till Krüss Email Address Encoder allows Stored XSS.This issue affects Email Address Encoder: from n/a through 1.0.22...

CVE-2024-43927

Cross-Site Request Forgery CSRF vulnerability in Till Krüss Email Address Encoder email-address-encoder allows Cross Site Request Forgery.This issue affects Email Address Encoder: from n/a through = 1.0.23...

CVE-2024-43927 WordPress Email Address Encoder plugin <= 1.0.23 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Till Krüss Email Address Encoder email-address-encoder allows Cross Site Request Forgery.This issue affects Email Address Encoder: from n/a through = 1.0.23...

CVE-2024-43927 WordPress Email Address Encoder plugin <= 1.0.23 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Till Krüss Email Address Encoder email-address-encoder allows Cross Site Request Forgery.This issue affects Email Address Encoder: from n/a through = 1.0.23...

CVE-2024-43927

CVE-2024-43927 describes a Cross-Site Request Forgery (CSRF) vulnerability in the Till Krüss Email Address Encoder WordPress plugin, affecting Email Address Encoder versions from n/a up to 1.0.23. The issue enables CSRF, with no public exploit details provided in the sources. Remediation guidance...

PT-2025-2671 · Unknown · Till Krüss Email Address Encoder

Name of the Vulnerable Software and Affected Versions: Till Krüss Email Address Encoder versions 1.0.23 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This can be achieved by...

WordPress plugin Email Address Encoder 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

WordPress Email Address Encoder plugin <= 1.0.23 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Email Address Encoder versions = 1.0.23...

WordPress Email Address Encoder Plugin <= 1.0.23 is vulnerable to Cross Site Request Forgery (CSRF)

Software Email Address Encoder Type Plugin Vulnerable versions = 1.0.23 Fixed in 1.0.24 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-43927 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID bba49f18d147 Credits Rafie...

WordPress Email Address Encoder Plugin < 1.0.23 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tillkruss:emailaddressencoder"; ifdescription...

CVE-2023-48765

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Till Krüss Email Address Encoder allows Stored XSS.This issue affects Email Address Encoder: from n/a through 1.0.22...

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Till Krüss Email Address Encoder allows Stored XSS.This issue affects Email Address Encoder: from n/a through 1.0.22...

CVE-2023-48765

CVE-2023-48765 affects the WordPress plugin Email Address Encoder. An improper input sanitization/output escaping in the eae_shortcode attribute allows Stored XSS in versions up to and including 1.0.22. Exploitation requires an authenticated user with Contributor+ privileges. The issue is mitigat...

CVE-2023-48765 WordPress Email Address Encoder Plugin <= 1.0.22 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Till Krüss Email Address Encoder allows Stored XSS.This issue affects Email Address Encoder: from n/a through 1.0.22...

WordPress Plugin Email Address Encoder Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

Email Address Encoder 1.0.22 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Email Address Encoder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's eaeshortcode shortcode in version 1.0.22 due to insufficient input sanitization and output escaping on the 'link' user supplied attribute. This makes it possible for...

WordPress Email Address Encoder Plugin <= 1.0.22 is vulnerable to Cross Site Scripting (XSS)

Software Email Address Encoder Type Plugin Vulnerable versions = 1.0.22 Fixed in 1.0.23 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-48765 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4b554f8ca93c Credits LVT-tholv2k Required privilege...