CVE ID :CVE-2026-5305 Published : June 25, 2026, 6 a.m. | 11 hours, 11 minutes ago Description :The Email Address Encoder WordPress plugin before 1.0.25, email-encoder-premium WordPress plugin before 0.3.12 does not properly handle email replacement, which could allow unauthenticated users to...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-5305 - Email Address Encoder (Free < 1.0.25, Premium < 0.3.12) - Unauthenticated Stored XSS

VERWANDTEARTIKEL

CVE-2026-56786 - RTKLIB 2.4.3 - Out-of-bounds Write in decode_type1033 via Crafted RTCM3 Message

CVE-2026-56771 - NewsBlur < 14.5.0 - Server-Side Request Forgery via add_url Endpoint

CVE-2026-56770 - libais 0.15 - Out-of-bounds Vector Access in VdmStream::AddLine via Invalid Sequential Message ID

CVE-2026-56769 - Huly Platform - Server-Side Request Forgery via /import Endpoint

CVE-2026-56768 - Seahub < 13.0.23 - Authentication Bypass in ShareLinkZipTaskView GET Method

CVE-2026-56767 - Maxun < 0.0.42 - Cross-Tenant IDOR in Storage and Webhook API Handlers