All 8 CVE vulnerabilities found in WP Mail Log, with AI-generated Chinese analysis, references, and POCs.
Vendor: WPVibes
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-51410 | WordPress WP Mail Log Plugin <= 1.1.2 is vulnerable to Arbitrary File Upload CWE-434 | 9.9 | Critical | 2023-12-29 |
| CVE-2023-5644 | WP Mail Log < 1.1.3 – Incorrect Authorization in REST API Endpoints | 5.4AI | MediumAI | 2023-12-26 |
| CVE-2023-5672 | WP Mail Log < 1.1.3 – Contributor+ LFI in wml_logs/send_mail endpoint | 6.5AI | MediumAI | 2023-12-26 |
| CVE-2023-5645 | WP Mail Log < 1.1.3 – Contributor+ SQL Injection in wml_logs endpoint | 8.8AI | HighAI | 2023-12-26 |
| CVE-2023-5673 | WP Mail Log < 1.1.3 – Contributor+ Arbitrary File Upload to RCE | 9.8AI | CriticalAI | 2023-12-26 |
| CVE-2023-5674 | WP Mail Log < 1.1.3 – Contributor+ SQL Injection in wml_logs/send_mail endpoint | 8.8AI | HighAI | 2023-12-26 |
| CVE-2023-3088 | WP Mail Log <= 1.1.1 - Unauthenticated Stored Cross-Site Scripting via Email CWE-79 | 7.2 | High | 2023-07-12 |
| CVE-2022-45807 | WordPress WP Mail Log Plugin <= 1.0.1 is vulnerable to Cross Site Request Forgery (CSRF) CWE-352 | 5.4 | Medium | 2023-02-02 |
All 8 known CVE vulnerabilities affecting WP Mail Log with full Chinese analysis, references, and POCs where available.