Hello @ChristineWk

I've gone through the steps to verify this issue. Here's what I did:

• Enabled the Content - Email Cloaking plugin from the Plugins section to make sure it's active. (Check the attached screenshot 1.)
• Created a new article in Joomla and included an email address in the content. (Check the attached screenshot 2.)
• Published the article and viewed it on the frontend to see if the email was obfuscated.

From what I can see, the email is still visible in plain text, meaning cloaking doesn't seem to be working as expected. Just wanted to confirm—am I on the right track, or did I misunderstand something about the issue?

Let me know what you think. Thanks!

@chiragjethva03 - Thanks for your testing!
I'm a little confused now. :-)

You can normally see the email address in the frontend.

A user in the German forum describes the following:
Sample email: max_example@example.com
The system then removes "max" - as the pattern string underscore is not included (see above link).

If the user turns off email obfuscation, the above sample email is accepted.
And that is of course not correct.

confirmed.

@chiragjethva03 check the sourcecode of the article in frontend.

@ChristineWk
Yes, you're absolutely right! I conducted testing using two different approaches to verify this behavior:

• With Email Cloaking Enabled – When the plugin is active, Joomla removes the part before the underscore (_), transforming max_example@example.com into example@example.com. Additionally, the remaining email becomes a clickable mailto link.

• With Email Cloaking Disabled – In this case, the email remains unchanged and displays exactly as written, but it is treated as plain text rather than a clickable email link.

This confirms that the underscore ( _ ) is not properly handled in the email obfuscation logic, leading to unintended modifications. I have attached both test cases as screenshots for reference.

Email Clocking Disable.

Email Cloaking Enabled.

Closing as we have PR. Please test #45102