| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-2018 | WP Activity Log Premium <= 4.6.4 - Authenticated (Subscriber+) SQL Injection | wpwhitesecurity | WP Activity Log Premium | High | 8.8 | 2024-04-09 18:58:42 | Deep Dive |
| CVE-2023-50905 | WordPress WP Activity Log plugin <= 4.6.1 - Cross Site Scripting (XSS) vulnerability | Melapress | WP Activity Log | High | 7.1 | 2024-02-29 05:35:15 | Deep Dive |
| CVE-2022-45350 | WordPress Simple History Plugin <= 3.3.1 is vulnerable to CSV Injection | Pär Thernström | Simple History – user activity log, audit tool | 高危 | - | 2023-11-07 15:05:07 | Deep Dive |
| CVE-2023-37966 | WordPress User Activity Log Plugin <= 1.6.2 is vulnerable to SQL Injection | Solwin Infotech | User Activity Log | 超危 | - | 2023-10-31 14:57:14 | Deep Dive |
| CVE-2023-5133 | User Activity Log Pro < 2.3.4 - IP Spoofing | Unknown | user-activity-log-pro | 高危 | - | 2023-10-16 19:39:18 | Deep Dive |
| CVE-2023-5167 | User Activity Log Pro < 2.3.4 - Unauthenticated Stored Cross-Site Scripting via User Agent | Unknown | user-activity-log-pro | 中危 | - | 2023-10-16 19:39:01 | Deep Dive |
| CVE-2023-4281 | Activity Log < 2.8.8 - IP Spoofing | Unknown | Activity Log | 中危 | - | 2023-09-25 15:56:53 | Deep Dive |
| CVE-2023-4279 | User Activity Log < 1.6.7 - IP Spoofing | Unknown | User Activity Log | 高危 | - | 2023-09-04 11:27:04 | Deep Dive |
| CVE-2023-4269 | User Activity Log < 1.6.6 - Subscriber+ Log Export | Unknown | User Activity Log | 中危 | - | 2023-09-04 11:26:56 | Deep Dive |
| CVE-2023-4150 | User Activity Tracking and Log < 4.0.9 - License Update/Deactivation via CSRF | Unknown | User Activity Tracking and Log | 中危 | - | 2023-08-30 14:22:05 | Deep Dive |
| CVE-2023-3435 | User Activity Log < 1.6.5 - Unauthenticated SQLi | Unknown | User Activity Log | 超危 | - | 2023-08-14 19:10:19 | Deep Dive |
| CVE-2023-2761 | User Activity Log < 1.6.3 - Admin+ SQL Injection | Unknown | User Activity Log | 高危 | - | 2023-07-24 10:20:26 | Deep Dive |
| CVE-2023-2286 | WP Activity Log <= 4.5.0 - Cross-Site Request Forgery via ajax_run_cleanup | melapress | WP Activity Log | Medium | 4.3 | 2023-06-09 12:32:01 | Deep Dive |
| CVE-2023-2261 | WP Activity Log <= 4.5.0 - Missing Capabilities Check to User Enumeration | melapress | WP Activity Log | Medium | 4.3 | 2023-06-09 12:32:01 | Deep Dive |
| CVE-2023-2284 | WP Activity Log Premium <= 4.5.0 - Missing Authorization via ajax_switch_db | wpwhitesecurity | WP Activity Log Premium | Medium | 4.3 | 2023-06-09 12:32:00 | Deep Dive |
| CVE-2023-2285 | WP Activity Log Premium <= 4.5.0 - Cross-Site Request Forgery via ajax_switch_db | wpwhitesecurity | WP Activity Log Premium | Medium | 4.3 | 2023-06-09 12:32:00 | Deep Dive |
| CVE-2020-36716 | WP Activity Log <= 4.0.1 - Missing Authorization | melapress | WP Activity Log | High | 7.3 | 2023-06-07 01:51:33 | Deep Dive |
| CVE-2022-3941 | Activity Log Plugin HTTP Header neutralization for logs | unspecified | Activity Log Plugin | Medium | 5.3 | 2022-11-11 00:00:00 | Deep Dive |
| CVE-2022-27858 | WordPress Activity Log plugin <= 2.8.3 - CSV Injection vulnerability | Activity Log Team | Activity Log (WordPress plugin) | High | 7.4 | 2022-11-08 18:29:27 | Deep Dive |