Closed PluginVulnerabilities closed 1 year ago
Thank you for the report, if this is considered a security issue please send details to security@awesomemotive.com for private review.
When you send your report, please include details such as example bypasses of wp_kses() or detailed steps to reproduce if you have them.
Thank you.
We wouldn't consider it a security issue. wp_kses() strips out disallowed HTML, but other HTML is still shown, which doesn't seem like it should be happening there as it's an email's subject line.
@PluginVulnerabilities - Thank you for creating this issue. We've fixed this and it will be included in our next release! 🙇
While checking on the recent security fixes made to the plugin, we noticed that on the Email Log page, HTML in the subject line of logged emails is rendered. What is output is restricted using wp_kses(), but it seems like it should only be showing the plain text.
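A minimal illustration of the difference the report describes, added here and not taken from the plugin or the thread; it assumes WordPress is loaded (for example by running the file with `wp eval-file`) and uses a constructed subject line:

```php
<?php
// Added example, not the plugin's code. Assumes WordPress functions are
// available (run inside WordPress, e.g. `wp eval-file subject-output.php`).
// The subject line is constructed for the demonstration.
$subject = 'Your order <b>#1234</b> <a href="https://example.com/">view</a> <script>alert(1)</script>';

// What the Email Log page did per the report: wp_kses() (here the post
// profile via wp_kses_post()) removes disallowed tags such as <script>, but
// allowed tags like <b> and <a> survive and are rendered by the browser, so a
// logged subject can show bold text and a live link instead of the raw string.
function log_subject_kses( $subject ) {
    return wp_kses_post( $subject );
}

// Plain-text output: esc_html() encodes every HTML special character, so the
// subject is displayed exactly as it was sent, markup included, as text only.
function log_subject_plain( $subject ) {
    return esc_html( $subject );
}

// Compare the two renderings for the same subject; inside a table cell on the
// log page, only the esc_html() version shows the subject literally.
echo '<td>' . log_subject_kses( $subject ) . "</td>\n";
echo '<td>' . log_subject_plain( $subject ) . "</td>\n";
```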