cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches foreasy-author-image easy-author-image

Direction: ascending
Jun 07, 2024

Easy Author Image # 79fa8f492d7f28c4425b1902bfd74de74f041e65

CVE, Research URL

79fa8f492d7f28c4425b1902bfd74de74f041e65

Home page URL

Security reports for Easy Author Image

Application

Easy Author Image

Date
May 26, 2015
Research Description
Easy Author Image [easy-author-image] < 1.5.1 (closed) WordPress Easy Author Image Plugin <= 1.5 - Email Disclosure This plugin is prone to an email disclosure vulnerability. There is no fixing, because plugin is no longer be maintained.
Affected versions
max 1.5.1.
Status
vulnerable
Apr 15, 2026

Easy Author Image # CVE-2026-1373

CVE, Research URL

CVE-2026-1373

Home page URL

Security reports for Easy Author Image

Application

Easy Author Image

Date
Feb 19, 2026
Research Description
The Easy Author Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'author_profile_picture_url' parameter in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions
max 1.7.
Status
vulnerable
Jun 16, 2026

Easy Author Image # 93248c06-a3ef-4085-be4d-56a6f6f143ab

CVE, Research URL

93248c06-a3ef-4085-be4d-56a6f6f143ab

Home page URL

Security reports for Easy Author Image

Application

Easy Author Image

Date
-
Research Description
Easy Author Image [easy-author-image] < 1.5.1 (closed) Easy Author Image 1.5 - Email Disclosure When the plugin, &quot;Easy Author Image&quot; is used in a Wordpress site to handle user comments, what it does is put the email address of the commentator in the &quot;alt&quot; field of the user&#039;s avatar.
Affected versions
max 1.5.1.
Status
vulnerable

Easy Author Image # e39ff5bac8425a66fc0c9b6562b747b859114b0b

CVE, Research URL

e39ff5bac8425a66fc0c9b6562b747b859114b0b

Home page URL

Security reports for Easy Author Image

Application

Easy Author Image

Date
May 26, 2015
Research Description
Easy Author Image [easy-author-image] < 1.5.1 (closed) Easy Author Image <= 1.5 - Email Information Exposure The Easy Author Image plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 1.5 via the 'alt' field. This can allow unauthorized attackers to extract sensitive email data.
Affected versions
max 1.5.1.
Status
vulnerable