All 8 CVE vulnerabilities found in WP Activity Log, with AI-generated Chinese analysis, references, and POCs.
Vendor: melapress
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2026-25331 | WordPress WP Activity Log plugin <= 5.5.4 - Cross Site Scripting (XSS) vulnerability CWE-79 | 6.1AI | MediumAI | 2026-02-19 |
| CVE-2025-0767 | WP Activity Log 5.3.2 - Insecure deserialization CWE-502 | 9.8 | - | 2025-02-27 |
| CVE-2025-0924 | WP Activity Log <= 5.2.2 - Unauthenticated Stored Cross-Site Scripting CWE-79 | 7.2 | High | 2025-02-17 |
| CVE-2024-10793 | WP Activity Log <= 5.2.1 - Unauthenticated Stored Cross-Site Scripting via User_id Parameter CWE-79 | 7.2 | High | 2024-11-15 |
| CVE-2023-50905 | WordPress WP Activity Log plugin <= 4.6.1 - Cross Site Scripting (XSS) vulnerability CWE-79 | 7.1 | High | 2024-02-29 |
| CVE-2023-2286 | WP Activity Log <= 4.5.0 - Cross-Site Request Forgery via ajax_run_cleanup CWE-352 | 4.3 | Medium | 2023-06-09 |
| CVE-2023-2261 | WP Activity Log <= 4.5.0 - Missing Capabilities Check to User Enumeration CWE-862 | 4.3 | Medium | 2023-06-09 |
| CVE-2020-36716 | WP Activity Log <= 4.0.1 - Missing Authorization CWE-862 | 7.3 | High | 2023-06-07 |
All 8 known CVE vulnerabilities affecting WP Activity Log with full Chinese analysis, references, and POCs where available.