CVE-2023-33999

HIGH NVD

CVSS Score 7.1

Severity HIGH

Published Jun 11, 2026

Vendor unknown

Description

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in WPVibes WP Mail Log allows DOM-Based XSS. This issue affects WP Mail Log: from n/a through 1.0.2.

References

https://patchstack.com/database/wordpress/plugin/wp-mail-log/vulnerability/wordpress-wp-mail-log-plugin-1-0-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve