cleantalk
Vulnerabilities and Security Researches

Email Encoder – Protect Email Addresses and Phone Numbers, CVE-2024-4483

CVE, Research URL

CVE-2024-4483

Home page URL

Security reports for Email Encoder – Protect Email Addresses and Phone Numbers

Application

Email Encoder – Protect Email Addresses and Phone Numbers

Published on
Jul 29, 2024
Research Description
The Email Encoder WordPress plugin before 2.2.2 does not escape the WP_Email_Encoder_Bundle_options[protection_text] parameter before outputting it back in an attribute in an admin page, leading to a Stored Cross-Site Scripting
Affected versions
max 2.2.2.
Status
vulnerable
Previous vulnerability researches
Email Encoder – Protect Email Addresses and Phone Numbers (CVE-2024-4483) , Jul 31, 2024
Email Encoder – Protect Email Addresses and Phone Numbers (CVE-2024-1282) , Jun 06, 2024
Email Encoder – Protect Email Addresses and Phone Numbers (CVE-2021-24599) , Jun 06, 2024
Email Encoder – Protect Email Addresses and Phone Numbers (CVE-2023-4599) , Jun 06, 2024
Email Encoder – Protect Email Addresses and Phone Numbers (CVE-2023-47821) , Jun 06, 2024
New vulnerability
VI: Include Post By (CVE-2026-5717) , Apr 17, 2026
Responsive Accordion Slider (CVE-2026-0635) , Apr 17, 2026
Petje.af (CVE-2026-4002) , Apr 17, 2026
LinkedIn SC (CVE-2026-0812) , Apr 17, 2026
Coachific Shortcode (CVE-2026-4005) , Apr 17, 2026