Lucene search
+L

4 matches found

cvelist
cvelist
added 2024/07/29 6:0 a.m.31 views

CVE-2024-4483 Email Encoder < 2.2.2 - Admin+ Stored XSS

The Email Encoder WordPress plugin before 2.2.2 does not escape the WPEmailEncoderBundleoptionsprotectiontext parameter before outputting it back in an attribute in an admin page, leading to a Stored Cross-Site Scripting...

0.00378EPSS
Exploits1References1
cve
cve
added 2024/07/29 6:0 a.m.55 views

CVE-2024-4483

CVE-2024-4483 affects the Email Encoder WordPress plugin prior to 2.2.2. The vulnerability is a Stored XSS where the parameter WP_Email_Encoder_Bundle_options[protection_text] is not escaped before output in an admin page attribute, enabling potentially malicious input to be stored and reflected....

5.4CVSS5.7AI score0.00378EPSS
Exploits1References1Affected Software1
vulnrichment
vulnrichment
added 2024/07/29 6:0 a.m.19 views

CVE-2024-4483 Email Encoder < 2.2.2 - Admin+ Stored XSS

The Email Encoder WordPress plugin before 2.2.2 does not escape the WPEmailEncoderBundleoptionsprotectiontext parameter before outputting it back in an attribute in an admin page, leading to a Stored Cross-Site Scripting...

5.7AI score0.00378EPSS
Exploits1References1
patchstack
patchstack
added 2024/07/29 12:0 a.m.11 views

WordPress Email Encoder Bundle Plugin < 2.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Email Encoder Bundle Type Plugin Vulnerable versions 2.2.2 Fixed in 2.2.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4483 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 5d3ad3645d3e Credits Krugov Artyom Require...

5.4CVSS5.8AI score0.00378EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder