Emarketdesign Emarketdesign

  1. Vendors
  2. Emarketdesign

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any Emarketdesign product.

RSS Feeds for Emarketdesign security vulnerabilities

Create a CVE RSS feed including security vulnerabilities found in Emarketdesign products with stack.watch. Just hit watch, then grab your custom RSS feed url.

Products by Emarketdesign Sorted by Most Security Vulnerabilities since 2018

Emarketdesign Request A Quote5 vulnerabilities

Emarketdesign Youtube Video Gallery2 vulnerabilities

Emarketdesign Best Contact Management Software1 vulnerability

Emarketdesign Customer Service Software Support Ticket System1 vulnerability

Emarketdesign Event Rsvp Simple Event Management1 vulnerability

Emarketdesign Wp Easy Contact1 vulnerability

By the Year

In 2026 there have been 0 vulnerabilities in Emarketdesign. Last year, in 2025 Emarketdesign had 2 security vulnerabilities published. Right now, Emarketdesign is on track to have less security vulnerabilities in 2026 than it did last year.




Year Vulnerabilities Average Score
2026 0 0.00
2025 2 5.90
2024 2 5.30
2023 1 8.80
2022 3 6.13
2021 3 5.00

It may take a day or so for new Emarketdesign vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Emarketdesign Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2025-5540 Jun 26, 2025
WordPress Plugin Event RSVP Stored XSS via emd_mb_meta <4.1 The Event RSVP and Simple Event Management Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'emd_mb_meta' shortcode in all versions up to, and including, 4.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Event Rsvp Simple Event Management
CVE-2025-5539 Jun 04, 2025
WP Easy Contact <=4.0.0 Stored XSS via emd_mb_meta The Simple Contact Form Plugin for WordPress WP Easy Contact plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'emd_mb_meta' shortcode in all versions up to, and including, 4.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Wp Easy Contact
CVE-2024-6231 Jul 23, 2024
XSS via unsanitized settings in Request a Quote WP plugin <2.4.1 The Request a Quote WordPress plugin before 2.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Request A Quote
CVE-2024-3268 May 21, 2024
YouTube Video Gallery WP Plug v3.3.6 Unauth Mod Data The YouTube Video Gallery by YouTube Showcase Video Gallery Plugin for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the emd_form_builder_lite_submit_form function in all versions up to, and including, 3.3.6. This makes it possible for unauthenticated attackers to create arbitrary posts or pages.
Youtube Video Gallery
CVE-2023-40558 Oct 03, 2023
CSRF in YouTube Video Gallery <=3.3.5 Cross-Site Request Forgery (CSRF) vulnerability in eMarket Design YouTube Video Gallery by YouTube Showcase plugin <= 3.3.5 versions.
Youtube Video Gallery
CVE-2022-2240 Jul 25, 2022
The Request a Quote WordPress plugin through 2.3.7 does not validate uploaded CSV files The Request a Quote WordPress plugin through 2.3.7 does not validate uploaded CSV files, allowing unauthenticated users to attach a malicious CSV file to a quote, which could lead to a CSV injection once an admin download and open it
Request A Quote
CVE-2022-2239 Jul 25, 2022
The Request a Quote WordPress plugin before 2.3.9 does not sanitise and escape some of its settings The Request a Quote WordPress plugin before 2.3.9 does not sanitise and escape some of its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Request A Quote
CVE-2022-2151 Jul 17, 2022
The Best Contact Management Software WordPress plugin through 3.7.3 does not sanitise and escape its settings The Best Contact Management Software WordPress plugin through 3.7.3 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Best Contact Management Software
CVE-2021-24489 Oct 25, 2021
The Request a Quote WordPress plugin before 2.3.9 does not sanitise, validate or escape some of its settings in the admin dashboard, leading to authenticated Stored Cross-Site Scripting issues even when the unfiltered_html capability is dis The Request a Quote WordPress plugin before 2.3.9 does not sanitise, validate or escape some of its settings in the admin dashboard, leading to authenticated Stored Cross-Site Scripting issues even when the unfiltered_html capability is disallowed.
Request A Quote
CVE-2021-24622 Oct 18, 2021
The Customer Service Software & Support Ticket System WordPress plugin before 5.10.4 does not sanitize or escape form fields before outputting it in the List, which could The Customer Service Software & Support Ticket System WordPress plugin before 5.10.4 does not sanitize or escape form fields before outputting it in the List, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Customer Service Software Support Ticket System
CVE-2021-24420 Jul 12, 2021
The Request a Quote WordPress plugin before 2.3.4 did not sanitise and escape some of its quote fields when adding/editing a quote as admin The Request a Quote WordPress plugin before 2.3.4 did not sanitise and escape some of its quote fields when adding/editing a quote as admin, leading to Stored Cross-Site scripting issues when the quote is output in the 'All Quotes" table.
Request A Quote
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.