cleantalk
Vulnerabilities and Security Researches

Email Encoder – Protect Email Addresses and Phone Numbers, CVE-2026-5776

CVE, Research URL

CVE-2026-5776

Home page URL

Security reports for Email Encoder – Protect Email Addresses and Phone Numbers

Application

Email Encoder – Protect Email Addresses and Phone Numbers

Published on
May 20, 2026
Research Description
The Email Encoder WordPress plugin before 2.4.7 does not escape email addresses retrieved via user input, allowing unauthenticated attackers to perform Stored XSS attacks
Affected versions
max 2.4.7.
Status
vulnerable
Previous vulnerability researches
AudioIgniter Music Player (CVE-2026-8679) , May 22, 2026
New vulnerability
130+ Widgets | Best Addons For Elementor – FREE (CVE-2025-15369) , May 22, 2026
myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin (CVE-2026-42676) , May 22, 2026
Stripe Payment Plugin for WooCommerce (CVE-2026-45217) , May 22, 2026
YITH WooCommerce Product Add-Ons (CVE-2026-42383) , May 22, 2026
Quick Table (CVE-2026-6237) , May 22, 2026