intricateweb email_keep CVE Vulnerabilities (2)

CVEs: 2 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting intricateweb email_keep (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

CVE	Summary	Source	Max CVSS	EPSS %	Published	Updated
CVE-2024-13826	The Email Keep WordPress plugin through 1.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack	[email protected]	5.4	0.04%	2025-03-08	2025-05-06
CVE-2024-13825	The Email Keep WordPress plugin through 1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.	[email protected]	6.1	0.07%	2025-03-08	2025-05-06

cvelogic Threat Intelligence