WordPress Email Address Encoder plugin < 1.0.25 - Unauthenticated Stored XSS vulnerability

Unauthenticated Stored XSS vulnerability discovered by Matthew Rollings in WordPress Plugin Email Address Encoder versions 1.0.25...

EUVD-2023-52798

Malicious code in bioql PyPI...

EUVD-2024-40414

Malicious code in bioql PyPI...

CVE-2024-43927

Cross-Site Request Forgery CSRF vulnerability in Till Krüss Email Address Encoder email-address-encoder allows Cross Site Request Forgery.This issue affects Email Address Encoder: from n/a through = 1.0.23...

CVE-2023-48765

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Till Krüss Email Address Encoder allows Stored XSS.This issue affects Email Address Encoder: from n/a through 1.0.22...

CVE-2024-43927

Cross-Site Request Forgery CSRF vulnerability in Till Krüss Email Address Encoder email-address-encoder allows Cross Site Request Forgery.This issue affects Email Address Encoder: from n/a through = 1.0.23...

CVE-2024-43927 WordPress Email Address Encoder plugin <= 1.0.23 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Till Krüss Email Address Encoder email-address-encoder allows Cross Site Request Forgery.This issue affects Email Address Encoder: from n/a through = 1.0.23...

CVE-2024-43927 WordPress Email Address Encoder plugin <= 1.0.23 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Till Krüss Email Address Encoder email-address-encoder allows Cross Site Request Forgery.This issue affects Email Address Encoder: from n/a through = 1.0.23...

CVE-2024-43927

CVE-2024-43927 describes a Cross-Site Request Forgery (CSRF) vulnerability in the Till Krüss Email Address Encoder WordPress plugin, affecting Email Address Encoder versions from n/a up to 1.0.23. The issue enables CSRF, with no public exploit details provided in the sources. Remediation guidance...

PT-2025-2671 · Unknown · Till Krüss Email Address Encoder

Name of the Vulnerable Software and Affected Versions: Till Krüss Email Address Encoder versions 1.0.23 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This can be achieved by...

WordPress plugin Email Address Encoder 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

WordPress Email Address Encoder plugin <= 1.0.23 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Email Address Encoder versions = 1.0.23...

WordPress Email Address Encoder Plugin <= 1.0.23 is vulnerable to Cross Site Request Forgery (CSRF)

Software Email Address Encoder Type Plugin Vulnerable versions = 1.0.23 Fixed in 1.0.24 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-43927 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID bba49f18d147 Credits Rafie...

WordPress Email Address Encoder Plugin < 1.0.23 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tillkruss:emailaddressencoder"; ifdescription...

CVE-2023-48765

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Till Krüss Email Address Encoder allows Stored XSS.This issue affects Email Address Encoder: from n/a through 1.0.22...

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Till Krüss Email Address Encoder allows Stored XSS.This issue affects Email Address Encoder: from n/a through 1.0.22...

CVE-2023-48765

CVE-2023-48765 affects the WordPress plugin Email Address Encoder. An improper input sanitization/output escaping in the eae_shortcode attribute allows Stored XSS in versions up to and including 1.0.22. Exploitation requires an authenticated user with Contributor+ privileges. The issue is mitigat...

CVE-2023-48765 WordPress Email Address Encoder Plugin <= 1.0.22 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Till Krüss Email Address Encoder allows Stored XSS.This issue affects Email Address Encoder: from n/a through 1.0.22...

WordPress Plugin Email Address Encoder Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

Email Address Encoder 1.0.22 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Email Address Encoder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's eaeshortcode shortcode in version 1.0.22 due to insufficient input sanitization and output escaping on the 'link' user supplied attribute. This makes it possible for...