CVE-2026-0691

The CM E-Mail Blacklist – Simple email filtering for safer registration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blackemail' parameter in all versions up to, and including, 1.6.2. This is due to insufficient input sanitization and output escaping. This makes it...

CVE-2026-0691 CM E-Mail Blacklist <= 1.6.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'black_email' Parameter

The CM E-Mail Blacklist – Simple email filtering for safer registration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blackemail' parameter in all versions up to, and including, 1.6.2. This is due to insufficient input sanitization and output escaping. This makes it...

CVE-2026-0691

CVE-2026-0691 applies to CM E-Mail Blacklist – Simple email filtering for safer registration (WordPress plugin) and is an authenticated Stored XSS via the black_email parameter, affecting versions up to 1.6.2. Root cause: insufficient input sanitization and output escaping; impact: authenticated ...

PT-2026-3350

The CM E-Mail Blacklist – Simple email filtering for safer registration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'black email' parameter in all versions up to, and including, 1.6.2. This is due to insufficient input sanitization and output escaping. This makes it...

WordPress plugin CM E-Mail Blacklist – Simple email filtering for safer registrations. Cross-site scripting vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

EUVD-2023-28072

Malicious code in bioql PyPI...

CVE-2023-48271 WordPress Maspik – Spam Blacklist plugin <= 0.10.3 - IP Filtering Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in yonifre Maspik – Spam blacklist allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Maspik – Spam blacklist: from n/a through 0.10.3...

CVE-2023-5141

The BSK Contact Form 7 Blacklist WordPress plugin through 1.0.1 does not sanitise and escape the insertedcount parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2023-24008

Cross-Site Request Forgery CSRF vulnerability in yonifre Maspik – Spam Blacklist plugin = 0.7.8 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in yonifre Maspik – Spam Blacklist plugin = 0.7.8 versions...

CVE-2023-24008

CVE-2023-24008 : CSRF vulnerability in the WordPress plugin yonifre Maspik – Spam Blacklist (versions

PT-2023-19358 · Unknown · Yonifre Maspik – Spam Blacklist

Name of the Vulnerable Software and Affected Versions: yonifre Maspik – Spam Blacklist plugin versions prior to 0.7.9 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This means an attacker could potentially trick a user into performing unintended actions on a...