The Check & Log Email WordPress plugin before 2.0.13 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks when the email encoder setting is enabled
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanationCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1 reference(s) from NVD