Wpwhitesecurity Wp Activity Log Premium
5 CVEs affecting Wpwhitesecurity Wp Activity Log Premium. Latest disclosed: 2024-04-09. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-2018 | High | 8.8 | 2024-04-09 | The WP Activity Log Premium plugin for WordPress is vulnerable to SQL Injection via the entry->roles parameter in all versions up to, and including, 4.6.4 due… |
CVE-2023-2261 | Medium | 4.3 | 2023-06-09 | The WP Activity Log plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the handle_ajax_call function in versions u… |
CVE-2023-2286 | Medium | 4.3 | 2023-06-09 | The WP Activity Log for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.0. This is due to missing or incorrect nonc… |
CVE-2023-2284 | Medium | 4.3 | 2023-06-09 | The WP Activity Log Premium plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_switch_db fun… |
CVE-2023-2285 | Medium | 4.3 | 2023-06-09 | The WP Activity Log Premium plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.0. This is due to missing or… |