2 matches found
WordPress WP Activity Log Plugin < 4.5.2 Multiple Vulnerabilities
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpwhitesecurity:wpactivitylog"; ifdescription...
CVE-2023-2286
Modes: C. The CVE-2023-2286 entry concerns the WP Activity Log for WordPress. The connected Red Hat and Wordfence-derived records confirm a CSRF vulnerability in the WP Activity Log (and WP Activity Log Premium) up to version 4.5.0, caused by missing/incorrect nonce validation in the ajax_run_cle...