Medium 6.5
2026-05-05< 1.6.6
CVE-2026-5957
EmailKit – Email Customizer for WooCommerce & WP
Minimum safe version
1.6.6
Update to 1.6.6 or later to address 5 fixable vulnerabilities
Latest available1.6.6 ✓
N/A
2026-02-17< 1.6.3
EmailKit – Email Customizer for WooCommerce & WP <= 1.6.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Title Modification
N/A
2026-03-20< 1.6.4
EmailKit <= 1.6.3 - Authenticated (Administrator+) Path Traversal via 'emailkit-editor-template' REST API Parameter
Medium 6.5
2026-01-07< 1.6.2
CVE-2025-14059
Medium 4.9
2025-09-26< 1.6.1
WordPress EmailKit Plugin <= 1.6.0 is vulnerable to Arbitrary Content Deletion