Vulnerabilities > Wpvibes > WP Mail LOG > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-26 | CVE-2023-5672 | Path Traversal vulnerability in Wpvibes WP Mail LOG The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file path parameters when attaching files to emails, leading to local file inclusion, and allowing an attacker to leak the contents of arbitrary files. | 6.5 |
| 2023-07-12 | CVE-2023-3088 | Unspecified vulnerability in Wpvibes WP Mail LOG The WP Mail Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting via email contents in versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. | 6.1 |