13 matches found
EUVD-2025-19970
Malicious code in bioql PyPI...
CVE-2025-28976
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dsrodzin Email Address Security by WebEmailProtector webemailprotector allows Stored XSS.This issue affects Email Address Security by WebEmailProtector: from n/a through = 3.3.6...
CVE-2025-28976
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dsrodzin Email Address Security by WebEmailProtector webemailprotector allows Stored XSS.This issue affects Email Address Security by WebEmailProtector: from n/a through = 3.3.6...
CVE-2025-28976
CVE-2025-28976 corresponds to a Stored XSS in the WordPress plugin Email Address Security by WebEmailProtector (versions <= 3.3.6). The issue stems from improper input neutralization during web page generation, enabling cross-site scripting when user-supplied input is rendered. Affected softwa...
CVE-2025-28976 WordPress Email Address Security by WebEmailProtector <= 3.3.6 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dsrodzin Email Address Security by WebEmailProtector allows Stored XSS. This issue affects Email Address Security by WebEmailProtector: from n/a through 3.3.6...
CVE-2025-28976 WordPress Email Address Security by WebEmailProtector plugin <= 3.3.6 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dsrodzin Email Address Security by WebEmailProtector webemailprotector allows Stored XSS.This issue affects Email Address Security by WebEmailProtector: from n/a through = 3.3.6...
PT-2025-27902 · Webemailprotector · Email Address Security
Name of the Vulnerable Software and Affected Versions: Email Address Security by WebEmailProtector versions n/a through 3.3.6 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This means that ...
WordPress Email Address Security by WebEmailProtector plugin <= 3.3.6 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by chuck in WordPress Plugin Email Address Security by WebEmailProtector versions = 3.3.6...
CVE-2025-26695
A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: When requesting an OpenPGP key from a WKD server, an incorrect padding size was used, and a network observer could have learned the length of the requested email address...
Design/Logic Flaw
An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.14 before 15.11.10, all versions starting from 16.0 before 16.0.6, all versions starting from 16.1 before 16.1.1, which allows an attacker to inject HTML in an email address field...
CVE-2023-33725
Broadleaf 5.x and 6.x including 5.2.25-GA and 6.2.6-GA was discovered to contain a cross-site scripting XSS vulnerability via a customer signup with a crafted email address. This is fixed in 6.2.6.1-GA...
CVE-2004-2771
The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address...
MGASA-2014-0389 Updated perl-Email-Address packages fix security vulnerabilities
Updated perl-Email-Address package fixes security vulnerability: The parse function in Email::Address module before 1.905 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service CPU consumption via an empty quoted string in an RFC 2822 address...