CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

RedhatCVE•added 2025/12/13 3:59 a.m.•2 views

CVE-2025-13884

The Hide Email Address plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'inlinecss' parameter in the bg-hide-email-address shortcode in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This make...

6.4CVSS5.1AI score0.00031EPSS

Exploits0References1

NVD•added 2025/12/12 4:15 a.m.•1 views

CVE-2025-13884

6.4CVSS0.00031EPSS

Exploits0References3

EUVD•added 2025/12/12 3:20 a.m.•1 views

EUVD-2025-202979

6.4CVSS4.7AI score0.00031EPSS

Exploits0References4

Cvelist•added 2025/12/12 3:20 a.m.•22 views

CVE-2025-13884 Hide Email Address <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

6.4CVSS0.00031EPSS

Exploits0References3

CVE•added 2025/12/12 3:20 a.m.•6 views

CVE-2025-13884

The CVE-2025-13884 entry concerns the WordPress plugin Hide Email Address. The vulnerability is a Stored Cross-Site Scripting (XSS) flaw in the inline_css parameter of the bg-hide-email-address shortcode, present in all versions up to and including 0.1. The root cause is insufficient input saniti...

6.4CVSS4.8AI score0.00031EPSS

Exploits0References3

Vulnrichment•added 2025/12/12 3:20 a.m.•1 views

CVE-2025-13884 Hide Email Address <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

6.4CVSS4.8AI score0.00031EPSS

Exploits0References3

Positive Technologies•added 2025/12/12 12:0 a.m.•3 views

PT-2025-50827

The Hide Email Address plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'inline css' parameter in the bg-hide-email-address shortcode in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...

6.4CVSS5.1AI score0.00031EPSS

Exploits0References4

CNNVD•added 2025/12/12 12:0 a.m.•2 views

WordPress plugin Hide Email Address 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Hide Email Address plugin has a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the inlinecss...

6.4CVSS6.2AI score0.00031EPSS

Exploits0References3

Patchstack•added 2025/12/11 8:46 p.m.•4 views

WordPress Hide Email Address plugin <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Hide Email Address versions = 0.1...

6.4CVSS5.5AI score0.00031EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by