Lucene search
K

39 matches found

EUVD
EUVD
added 2026/06/25 9:31 a.m.6 views

EUVD-2026-39187

The Email Address Encoder WordPress plugin before 1.0.25, email-encoder-premium WordPress plugin before 0.3.12 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks...

8.8CVSS5.8AI score0.00301EPSS
Exploits0References2
NVD
NVD
added 2026/06/25 7:16 a.m.9 views

CVE-2026-5305

The Email Address Encoder WordPress plugin before 1.0.25, email-encoder-premium WordPress plugin before 0.3.12 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks...

8.8CVSS0.00301EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 6:0 a.m.6 views

CVE-2026-5305

The Email Address Encoder WordPress plugin before 1.0.25, email-encoder-premium WordPress plugin before 0.3.12 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks...

5.8AI score0.00301EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 6:0 a.m.32 views

CVE-2026-5305 Email Address Encoder (Free < 1.0.25, Premium < 0.3.12) - Unauthenticated Stored XSS

The Email Address Encoder WordPress plugin before 1.0.25, email-encoder-premium WordPress plugin before 0.3.12 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks...

0.00301EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 6:0 a.m.25 views

CVE-2026-5305

The CVE-2026-5305 issue affects the WordPress plugins Email Address Encoder (free) prior to 1.0.25 and Email Encoder Premium prior to 0.3.12. The root cause is improper handling of email replacement, which can allow unauthenticated attackers to perform Stored XSS. Impact per sources is high (CVE-...

8.8CVSS5.8AI score0.00301EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/08 12:26 p.m.11 views

WordPress Email Address Encoder plugin < 1.0.25 - Unauthenticated Stored XSS vulnerability

Unauthenticated Stored XSS vulnerability discovered by Matthew Rollings in WordPress Plugin Email Address Encoder versions 1.0.25...

5.4AI score0.00301EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/11/24 12:35 p.m.2 views

EUVD-2025-198699

Malicious code in @ensdomains/address-encoder npm...

6.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 12:35 p.m.7 views

Malicious code in @ensdomains/address-encoder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec8264ecb2af0b5028f08af1a108f7fe73cd1cbe55ea2cb7102a3e28b2e1052e The package @ensdomains/address-encoder was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
OSV
OSV
added 2025/11/24 12:35 p.m.3 views

MAL-2025-190665 Malicious code in @ensdomains/address-encoder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec8264ecb2af0b5028f08af1a108f7fe73cd1cbe55ea2cb7102a3e28b2e1052e The package @ensdomains/address-encoder was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-6750

Malware in sbrugna...

6.1CVSS6.3AI score0.00985EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-40414

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.0022EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-52798

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.004EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:49 a.m.12 views

CVE-2024-43927

Cross-Site Request Forgery CSRF vulnerability in Till Krüss Email Address Encoder email-address-encoder allows Cross Site Request Forgery.This issue affects Email Address Encoder: from n/a through = 1.0.23...

4.3CVSS5.9AI score0.0022EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:42 a.m.10 views

CVE-2023-48765

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Till Krüss Email Address Encoder allows Stored XSS.This issue affects Email Address Encoder: from n/a through 1.0.22...

6.5CVSS6.7AI score0.004EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:37 a.m.20 views

CVE-2019-15833

The simple-mail-address-encoder plugin before 1.7 for WordPress has reflected XSS...

6.1CVSS7AI score0.00985EPSS
Exploits1References1
NVD
NVD
added 2025/01/02 12:15 p.m.28 views

CVE-2024-43927

Cross-Site Request Forgery CSRF vulnerability in Till Krüss Email Address Encoder email-address-encoder allows Cross Site Request Forgery.This issue affects Email Address Encoder: from n/a through = 1.0.23...

4.3CVSS0.0022EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/02 12:1 p.m.6 views

CVE-2024-43927 WordPress Email Address Encoder plugin <= 1.0.23 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Till Krüss Email Address Encoder email-address-encoder allows Cross Site Request Forgery.This issue affects Email Address Encoder: from n/a through = 1.0.23...

4.3CVSS5.1AI score0.0022EPSS
Exploits0References1
CVE
CVE
added 2025/01/02 12:1 p.m.51 views

CVE-2024-43927

CVE-2024-43927 describes a Cross-Site Request Forgery (CSRF) vulnerability in the Till Krüss Email Address Encoder WordPress plugin, affecting Email Address Encoder versions from n/a up to 1.0.23. The issue enables CSRF, with no public exploit details provided in the sources. Remediation guidance...

4.3CVSS5.9AI score0.0022EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/02 12:1 p.m.19 views

CVE-2024-43927 WordPress Email Address Encoder plugin <= 1.0.23 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Till Krüss Email Address Encoder email-address-encoder allows Cross Site Request Forgery.This issue affects Email Address Encoder: from n/a through = 1.0.23...

4.3CVSS0.0022EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/02 12:0 a.m.19 views

PT-2025-2671 · Unknown · Till Krüss Email Address Encoder

Name of the Vulnerable Software and Affected Versions: Till Krüss Email Address Encoder versions 1.0.23 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This can be achieved by...

4.3CVSS6.6AI score0.0022EPSS
Exploits0References3
Rows per page
Query Builder