CVE-2026-42673

Insertion of Sensitive Information Into Sent Data vulnerability in Logtivity Activity Logs Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity allows Retrieve Embedded Sensitive Data. This issue affects Activity Logs, User Activity Tracking, Multisite Activity Log from...

EUVD-2026-33690

Insertion of Sensitive Information Into Sent Data vulnerability in Logtivity Activity Logs Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity allows Retrieve Embedded Sensitive Data. This issue affects Activity Logs, User Activity Tracking, Multisite Activity Log from...

CVE-2026-42673

CVE-2026-42673 concerns the WordPress plugin Logtivity (Activity Logs, User Activity Tracking, Multisite Activity Log). Affected versions are up to 3.3.6. The vulnerability is described as an Insertion of Sensitive Information Into Sent Data , enabling retrieval of embedded sensitive data from se...

CVE-2026-42673 WordPress Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity plugin <= 3.3.6 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Logtivity Activity Logs Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity allows Retrieve Embedded Sensitive Data. This issue affects Activity Logs, User Activity Tracking, Multisite Activity Log from...

WordPress plugin: Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity – Security Vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. WordPress plugins are additional applications that can b...

WordPress Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity plugin <= 3.3.6 - Unauthenticated Information Disclosure vulnerability

Unauthenticated Information Disclosure vulnerability discovered by Ronnachai Chaipha rxnr - Reconix Co., Ltd. in WordPress Plugin Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity versions = 3.3.6...

CVE-2023-4150

The User Activity Tracking and Log WordPress plugin before 4.0.9 does not have proper CSRF checks when managing its license, which could allow attackers to make logged in admins update and deactivate the plugin's license via CSRF attacks...

EUVD-2023-54030

Malicious code in bioql PyPI...

EUVD-2024-16747

Malicious code in bioql PyPI...

WordPress User Activity Tracking and Log plugin < 4.1.4 - IP Spoofing vulnerability

IP Spoofing vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin User Activity Tracking and Log versions 4.1.4...

CVE-2024-0970

This User Activity Tracking and Log WordPress plugin before 4.1.4 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value...

CVE-2024-0970

This User Activity Tracking and Log WordPress plugin before 4.1.4 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value...

CVE-2024-0970 User Activity Tracking and Log < 4.1.4 - IP Spoofing

This User Activity Tracking and Log WordPress plugin before 4.1.4 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value...

CVE-2024-0970 User Activity Tracking and Log < 4.1.4 - IP Spoofing

This User Activity Tracking and Log WordPress plugin before 4.1.4 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value...

WordPress plugin This User Activity Tracking and Log 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

CVE-2024-40864

The issue was addressed with improved handling of protocols. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.2, watchOS 11.2. An attacker in a privileged network position may be able to track a user's activity...

CVE-2024-40864

CVE-2024-40864 affects macOS Ventura 13.7.5 and macOS Sonoma 14.7.5. The issue stems from improved handling of protocols, enabling an attacker in a privileged network position to track a user’s activity. Apple’s security content lists this under AppleAccount with the described impact; fixed updat...

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS Sonoma, which stems from protocol mishandling and could lead to a privileged network location attacker tracking user activity...

User Activity Tracking and Log < 4.1.4 - IP Spoofing

Description This plugin retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. PoC 1. Add X-Forwarded-For: 11.11.11.11 to any request which will be in activity log. For example in creation of new post. 2. View the activity log and see that...

CVE-2023-4150

The User Activity Tracking and Log WordPress plugin before 4.0.9 does not have proper CSRF checks when managing its license, which could allow attackers to make logged in admins update and deactivate the plugin's license via CSRF attacks...