cleantalk
Vulnerabilities and Security Researches

Place Order Without Payment for WooCommerce, CVE-2023-33999

CVE, Research URL

CVE-2023-33999

Home page URL

Security reports for Place Order Without Payment for WooCommerce

Application

Place Order Without Payment for WooCommerce

Published on
Jun 11, 2026
Research Description
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in WPVibes WP Mail Log allows DOM-Based XSS. This issue affects WP Mail Log: from n/a through 1.0.2.
Affected versions
max 2.5.2.
Status
vulnerable
Previous vulnerability researches
Remove Duplicate Posts (1f5faa66dc6d492718ce5db9c3895b5840416340) , Jun 07, 2024
Remove Duplicate Posts (CVE-2023-29237) , Jun 10, 2024
New vulnerability
Place Order Without Payment for WooCommerce (CVE-2023-33999) , Jun 12, 2026
WPZOOM Portfolio (CVE-2026-49069) , Jun 12, 2026
wpForo Forum (CVE-2026-49767) , Jun 12, 2026
Easy Image Collage (CVE-2026-9019) , Jun 12, 2026
Stop WP Emails Going to Spam (CVE-2023-33999) , Jun 12, 2026