cleantalk
Vulnerabilities and Security Researches

Mail Control – Email Customizer, SMTP Deliverability, logging, open and click Tracking, CVE-2023-33999

CVE, Research URL

CVE-2023-33999

Home page URL

Security reports for Mail Control – Email Customizer, SMTP Deliverability, logging, open and click Tracking

Application

Mail Control – Email Customizer, SMTP Deliverability, logging, open and click Tracking

Published on
Jun 11, 2026
Research Description
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in WPVibes WP Mail Log allows DOM-Based XSS. This issue affects WP Mail Log: from n/a through 1.0.2.
Affected versions
max 0.3.0.
Status
vulnerable
Previous vulnerability researches
WP SecureSubmit (CVE-2024-56270) , Jun 13, 2026
WP SecureSubmit (CVE-2024-56271) , Jan 07, 2025
New vulnerability
WooCommerce Affiliate Plugin – Coupon Affiliates (CVE-2023-33999) , Jun 14, 2026
Knowledge Base documentation & wiki plugin – BasePress Docs (CVE-2023-33999) , Jun 14, 2026
XT Floating Cart for WooCommerce (CVE-2023-33999) , Jun 14, 2026
Child Support Calculator (CVE-2023-33999) , Jun 14, 2026
WP Required Taxonomies – Categories and Tags Mandatory (CVE-2023-33999) , Jun 14, 2026