CVE-2021-24599

Published: 2021-09-06T11:15Z

Last Modified: 2024-11-21T05:53Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The Email Encoder – Protect Email Addresses WordPress plugin before 2.1.2 has an endpoint that requires no authentication and will render a user supplied value in the HTML response without escaping or sanitizing the data. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt