Medium 4.4
2026-01-17< 1.6.3
CM E-Mail Blacklist <= 1.6.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'black_email' Parameter
CM E-Mail Blacklist – Simple email filtering for safer registration
Minimum safe version
1.6.3
Update to 1.6.3 or later to address 5 fixable vulnerabilities
Latest available1.6.4 ✓
High 7.1
2025-03-03< 1.5.6
CVE-2025-24694
High 7.1
2025-03-03< 1.5.3
CVE-2025-24758
Medium 6.1
2024-11-26< 1.5.4
CVE-2024-11202
High 8.1
2024-07-15< 1.4.9
WordPress CM Email Registration Blacklist and Whitelist Plugin < 1.4.9 is vulnerable to Cross Site Request Forgery (CSRF)