cleantalk
Vulnerabilities and Security Researches

Check & Log Email, CVE-2026-5306

CVE, Research URL

CVE-2026-5306

Home page URL

Security reports for Check & Log Email

Application

Check & Log Email

Published on
Apr 28, 2026
Research Description
The Check & Log Email WordPress plugin before 2.0.13 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks when the email encoder setting is enabled
Affected versions
max 2.0.13.
Status
vulnerable
Previous vulnerability researches
WP Featured Screenshot (CVE-2025-32557) , Apr 15, 2025
New vulnerability
Social Post Embed (CVE-2026-6809) , Apr 30, 2026
Timeline Blocks for Gutenberg (CVE-2026-6551) , Apr 29, 2026
WPC Smart Messages for WooCommerce (CVE-2026-6725) , Apr 29, 2026
Check & Log Email (CVE-2026-5306) , Apr 29, 2026
Complianz – GDPR/CCPA Cookie Consent (CVE-2026-4019) , Apr 29, 2026