92 matches found
CVE-2026-42673
Insertion of Sensitive Information Into Sent Data vulnerability in Logtivity Activity Logs Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity allows Retrieve Embedded Sensitive Data. This issue affects Activity Logs, User Activity Tracking, Multisite Activity Log from...
CVE-2026-42673 WordPress Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity plugin <= 3.3.6 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Logtivity Activity Logs Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity allows Retrieve Embedded Sensitive Data. This issue affects Activity Logs, User Activity Tracking, Multisite Activity Log from...
EUVD-2026-33690
Insertion of Sensitive Information Into Sent Data vulnerability in Logtivity Activity Logs Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity allows Retrieve Embedded Sensitive Data. This issue affects Activity Logs, User Activity Tracking, Multisite Activity Log from...
CVE-2026-42673
CVE-2026-42673 concerns the WordPress plugin Logtivity (Activity Logs, User Activity Tracking, Multisite Activity Log). Affected versions are up to 3.3.6. The vulnerability is described as an Insertion of Sensitive Information Into Sent Data , enabling retrieval of embedded sensitive data from se...
CVE-2026-42673 WordPress Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity plugin <= 3.3.6 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Logtivity Activity Logs Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity allows Retrieve Embedded Sensitive Data. This issue affects Activity Logs, User Activity Tracking, Multisite Activity Log from...
PT-2026-45460
Insertion of Sensitive Information Into Sent Data vulnerability in Logtivity Activity Logs Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity allows Retrieve Embedded Sensitive Data. This issue affects Activity Logs, User Activity Tracking, Multisite Activity Log from...
WordPress plugin: Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity – Security Vulnerabilities
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. WordPress plugins are additional applications that can b...
CVE-2026-5171
Improper access control in the entry activity log feature in Devolutions Server allows an authenticated user with access to an entry but without the required permission to retrieve that entry's activity logs via a crafted API request. This issue affects : Devolutions Server 2026.1.6.0 through...
EUVD-2026-31460
Improper access control in the entry activity log feature in Devolutions Server allows an authenticated user with access to an entry but without the required permission to retrieve that entry's activity logs via a crafted API request. This issue affects : Devolutions Server 2026.1.6.0 through...
CVE-2026-5171
Improper access control in the entry activity log feature in Devolutions Server allows an authenticated user with access to an entry but without the required permission to retrieve that entry's activity logs via a crafted API request. This issue affects : Devolutions Server 2026.1.6.0 through...
CVE-2026-5171
CVE-2026-5171 describes improper access control in Devolutions Server’s entry activity log feature. An authenticated user with access to an entry but lacking the required permission can retrieve that entry’s activity logs via a crafted API request. Affected: Devolutions Server 2026.1.6.0–2026.1.1...
CVE-2026-5171
Improper access control in the entry activity log feature in Devolutions Server allows an authenticated user with access to an entry but without the required permission to retrieve that entry's activity logs via a crafted API request. This issue affects : Devolutions Server 2026.1.6.0 through...
CVE-2026-5171
Improper access control in the entry activity log feature in Devolutions Server allows an authenticated user with access to an entry but without the required permission to retrieve that entry's activity logs via a crafted API request. This issue affects : Devolutions Server 2026.1.6.0 through...
PT-2026-42785
Improper access control in the entry activity log feature in Devolutions Server allows an authenticated user with access to an entry but without the required permission to retrieve that entry's activity logs via a crafted API request. This issue affects : Devolutions Server 2026.1.6.0 through...
WordPress Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity plugin <= 3.3.6 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Peng Zhou in WordPress Plugin Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity versions = 3.3.6...
WordPress Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity plugin <= 3.3.6 - Unauthenticated Information Disclosure vulnerability
Unauthenticated Information Disclosure vulnerability discovered by Ronnachai Chaipha rxnr - Reconix Co., Ltd. in WordPress Plugin Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity versions = 3.3.6...
CVE-2026-4299
The MainWP Child Reports plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 2.2.6. This is due to a missing capability check in the heartbeatreceived function in the LiveUpdate class. This makes it possible for authenticated attackers, with...
EUVD-2026-20044
The MainWP Child Reports plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 2.2.6. This is due to a missing capability check in the heartbeatreceived function in the LiveUpdate class. This makes it possible for authenticated attackers, with...
CVE-2026-4299
The MainWP Child Reports plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 2.2.6. This is due to a missing capability check in the heartbeatreceived function in the LiveUpdate class. This makes it possible for authenticated attackers, with...
CVE-2026-4299
CVE-2026-4299 concerns the WordPress plugin MainWP Child Reports (