CVE-2026-5306

Vulnerability Description

The Check & Log Email WordPress plugin before 2.0.13 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks when the email encoder setting is enabled

Vulnerability Details

Published Date

April 28, 2026

Last Modified

April 28, 2026

Source

NVD

External References

https://wpscan.com/vulnerability/97908c15-6e7a-4242-8c6f-66c8b804364c/

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment