Skip to content

Commit 200221f

Browse files
committed
1 parent 1140c69 commit 200221f

1 file changed

Lines changed: 26 additions & 3 deletions

File tree

advisories/unreviewed/2026/05/GHSA-hmgx-5p26-ccf2/GHSA-hmgx-5p26-ccf2.json

Lines changed: 26 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,35 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-hmgx-5p26-ccf2",
4-
"modified": "2026-05-20T09:30:34Z",
4+
"modified": "2026-05-20T09:30:37Z",
55
"published": "2026-05-20T09:30:34Z",
66
"aliases": [
77
"CVE-2026-5776"
88
],
9+
"summary": "Stored XSS",
910
"details": "The Email Encoder WordPress plugin before 2.4.7 does not escape email addresses retrieved via user input, allowing unauthenticated attackers to perform Stored XSS attacks",
1011
"severity": [],
11-
"affected": [],
12+
"affected": [
13+
{
14+
"package": {
15+
"ecosystem": "Packagist",
16+
"name": "onlineoptimisation/email-encoder-bundle"
17+
},
18+
"ranges": [
19+
{
20+
"type": "ECOSYSTEM",
21+
"events": [
22+
{
23+
"introduced": "0"
24+
}
25+
]
26+
}
27+
],
28+
"database_specific": {
29+
"last_known_affected_version_range": "< 2.4.7"
30+
}
31+
}
32+
],
1233
"references": [
1334
{
1435
"type": "ADVISORY",
@@ -20,7 +41,9 @@
2041
}
2142
],
2243
"database_specific": {
23-
"cwe_ids": [],
44+
"cwe_ids": [
45+
"CWE-80"
46+
],
2447
"severity": null,
2548
"github_reviewed": false,
2649
"github_reviewed_at": null,

0 commit comments

Comments
 (0)