Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.1 views

EUVD-2024-34228

Malicious code in bioql PyPI...

6.4CVSS8.7AI score0.00325EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 7:2 a.m.3 views

CVE-2024-11935

The Email Address Obfuscation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class’ parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.8AI score0.00325EPSS
Exploits0References1
Drupal
Drupal
added 2025/02/12 12:0 a.m.12 views

SpamSpan filter - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-016

This module enables your site to obfuscate Email addresses and prevent spambots to collect them. The module doesn't sanitize HTML data attributes when an email address link is transformed to separate span HTML elements and then transformed back by JavaScript leading to a Cross Site Scripting XSS...

6.1CVSS5.8AI score0.00242EPSS
Exploits0References2
NVD
NVD
added 2024/12/04 1:15 p.m.10 views

CVE-2024-11935

The Email Address Obfuscation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class’ parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00325EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/12/04 12:37 p.m.14 views

CVE-2024-11935 Email Address Obfuscation <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via class Parameter

The Email Address Obfuscation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class’ parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00325EPSS
Exploits0References4
CVE
CVE
added 2024/12/04 12:37 p.m.46 views

CVE-2024-11935

The CVE CVE-2024-11935 affects the WordPress Email Address Obfuscation plugin. It is a Stored XSS via the class parameter in all versions up to 1.0.1, requiring an authenticated attacker with Contributor-level access or higher to inject scripts that execute when users load the affected page. A re...

6.4CVSS5.8AI score0.00325EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/12/04 5:6 a.m.1 views

WordPress Email Address Obfuscation plugin <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via class Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via class Parameter vulnerability discovered by theviper17y in WordPress Plugin Email Address Obfuscation versions = 1.0.1...

6.4CVSS5.8AI score0.00325EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/12/04 12:0 a.m.0 views

PT-2024-17352 · WordPress · Email Address Obfuscation

Name of the Vulnerable Software and Affected Versions: Email Address Obfuscation plugin for WordPress versions up to, and including, 1.0.1 Description: The issue is related to Stored Cross-Site Scripting via the class parameter due to insufficient input sanitization and output escaping. This allo...

6.4CVSS6.3AI score0.00325EPSS
Exploits0References8
Rows per page
Query Builder