Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.8
CVE-2024-3076
- EPSS 0.15%
- Veröffentlicht 26.04.2024 14:15:07
- Zuletzt bearbeitet 10.06.2025 15:05:59
The MM-email2image WordPress plugin through 0.2.5 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack
8.1
CVE-2024-3075
- EPSS 0.54%
- Veröffentlicht 26.04.2024 05:15:50
- Zuletzt bearbeitet 10.06.2025 01:23:11
The MM-email2image WordPress plugin through 0.2.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to pe...
1