EUVD-2024-48339

Malicious code in bioql PyPI...

CVE-2024-7413

The Obfuscate Email plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.8.1. This is due to the plugin allowing direct access to the bootstrap.php file which has displayerrors on. This makes it possible for unauthenticated attackers to retrieve the...

Obfuscate - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-029

This module enables you to obfuscate email addresses, to avoid them being easily available to spammers. The module doesn't sufficiently sanitise input when ROT13 encoding is used. This vulnerability is mitigated by the fact that an attacker must have a role with the ability to enter specific HTML...

CVE-2025-27823

An issue was discovered in the Mail Disguise module before 1.x-1.0.5 for Backdrop CMS. It enables a website to obfuscate email addresses, and should prevent spambots from collecting them. The module doesn't sufficiently validate the data attribute value on links, potentially leading to a Cross Si...

CVE-2024-7413

The Obfuscate Email plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.8.1. This is due to the plugin allowing direct access to the bootstrap.php file which has displayerrors on. This makes it possible for unauthenticated attackers to retrieve the...

WordPress plugin Obfuscate Email 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

CVE-2024-7413 Obfuscate Email <= 3.8.1 - Unauthenticated Full Path Disclosure

The Obfuscate Email plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.8.1. This is due to the plugin allowing direct access to the bootstrap.php file which has displayerrors on. This makes it possible for unauthenticated attackers to retrieve the...

CVE-2024-7413

The Obfuscate Email plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to 3.8.1 due to allow direct access to bootstrap.php with display_errors enabled. This enables unauthenticated information exposure (full path) that can assist other vulnerabilities; no exploit detai...

CVE-2024-7413 Obfuscate Email <= 3.8.1 - Unauthenticated Full Path Disclosure

The Obfuscate Email plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.8.1. This is due to the plugin allowing direct access to the bootstrap.php file which has displayerrors on. This makes it possible for unauthenticated attackers to retrieve the...

WordPress Obfuscate Email plugin <= 3.8.1 - Unauthenticated Full Path Disclosure vulnerability

Unauthenticated Full Path Disclosure vulnerability discovered by stealthcopter in WordPress Plugin Obfuscate Email versions = 3.8.1...

WordPress Obfuscate Email Plugin <= 3.8.1 is vulnerable to Sensitive Data Exposure

Software Obfuscate Email Type Plugin Vulnerable versions = 3.8.1 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-7413 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 734768c02b8e Credits stealthcopter Required...

Obfuscate Email - Less critical - Cross Site Scripting - SA-CONTRIB-2023-042

This module enables you to hide email addresses from bots and site scrapers by using the rot13 strategy. The module doesn't sufficiently escape the data attribute under the scenario a user has access to manipulate that value. This vulnerability is mitigated by the fact that an attacker must have ...