Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 60 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-24987 WordPress WP System Log plugin <= 1.2.7 - Broken Access Control vulnerability activity-log.comWP System Log Medium 6.5 2026-03-25 16:14:36 Deep Dive
CVE-2026-1806 Tour & Activity Operator Plugin for TourCMS <= 1.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes tourcmsTour & Activity Operator Plugin for TourCMS Medium 6.4 2026-03-21 03:26:47 Deep Dive
CVE-2026-32362 WordPress WP Sessions Time Monitoring Full Automatic plugin <= 1.1.3 - Broken Access Control vulnerability activity-log.comWP Sessions Time Monitoring Full Automatic 中危 -2026-03-13 11:42:05 Deep Dive
CVE-2026-25331 WordPress WP Activity Log plugin <= 5.5.4 - Cross Site Scripting (XSS) vulnerability MelapressWP Activity Log--2026-02-19 08:26:57 Deep Dive
CVE-2026-1671 Activity Log for WordPress <= 1.2.8 - Missing Authorization to Sensitive Information Exposure via Log File switcorpActivity Log for WordPress Medium 6.5 2026-02-12 12:31:50 Deep Dive
CVE-2025-13471 User Activity Log <= 2.2 - Unauthenticated Limited Arbitrary Option Update UnknownUser Activity Log--2026-01-28 06:00:04 Deep Dive
CVE-2025-11877 User Activity Log <= 2.2 - Unauthenticated Limited Options Update via Failed Login solwininfotechUser Activity Log High 7.5 2026-01-07 08:21:50 Deep Dive
CVE-2025-62760 WordPress BuddyPress Activity Shortcode plugin <= 1.1.8 - Cross Site Scripting (XSS) vulnerability BuddyDevBuddyPress Activity Shortcode Medium 6.5 2025-12-31 08:52:04 Deep Dive
CVE-2025-62949 WordPress Activity Plus Reloaded for BuddyPress plugin <= 1.1.2 - Cross Site Scripting (XSS) vulnerability BuddyDevActivity Plus Reloaded for BuddyPress--2025-10-27 01:34:09 Deep Dive
CVE-2025-52749 WordPress Uji Countdown plugin <= 2.3.3 - Cross Site Scripting (XSS) vulnerability Activity TrackUji Countdown--2025-10-22 14:32:24 Deep Dive
CVE-2025-48339 WordPress Profiler - What Slowing Down Your WP <= 1.0.0 - Broken Access Control Vulnerability activity-log.comProfiler - What Slowing Down Your WP Medium 6.5 2025-07-16 11:28:01 Deep Dive
CVE-2025-30957 WordPress Activity Plus Reloaded for BuddyPress plugin <= 1.1.2 - Broken Access Control Vulnerability BuddyDevActivity Plus Reloaded for BuddyPress Medium 5.4 2025-06-06 12:54:09 Deep Dive
CVE-2024-0970 User Activity Tracking and Log < 4.1.4 - IP Spoofing UnknownUser Activity Tracking and Log--2025-05-15 20:09:33 Deep Dive
CVE-2024-0852 coreActivity < 1.8.1 - Unauthenticated Stored XSS UnknowncoreActivity: Activity Logging for WordPress--2025-05-15 20:09:32 Deep Dive
CVE-2023-6030 LogDash Activity Log < 1.1.4 - Unauthenticated SQLi UnknownLogDash Activity Log--2025-05-15 20:09:05 Deep Dive
CVE-2025-47548 WordPress Wbcom Designs - Activity Link Preview For BuddyPress plugin <= 1.4.4 - Server Side Request Forgery (SSRF) Vulnerability Varun DubeyWbcom Designs - Activity Link Preview For BuddyPress Medium 5.4 2025-05-07 14:20:19 Deep Dive
CVE-2025-2613 Login Manager – Design Login Page, View Login Activity, Limit Login Attempts <= 2.0.5 - Authenticated (Administrator+) Stored Cross-Site Scripting via Custom URL mehrazmorshedLogin Manager – Design Login Page, View Login Activity, Limit Login Attempts Medium 4.4 2025-04-18 01:44:11 Deep Dive
CVE-2025-31006 WordPress Activity Reactions For Buddypress plugin <= 1.0.22 - Reflected Cross Site Scripting (XSS) vulnerability arete-itActivity Reactions For Buddypress High 7.1 2025-04-17 15:47:52 Deep Dive
CVE-2025-3436 coreActivity: Activity Logging for WordPress <= 2.7 - Authenticated (Subscriber+) SQL Injection gdragoncoreActivity: Activity Logging for WordPress Medium 6.5 2025-04-08 08:22:09 Deep Dive
CVE-2024-13668 WordPress Activity O Meter <= 1 - Reflected XSS UnknownWordPress Activity O Meter 高危 -2025-03-07 09:49:49 Deep Dive