Lucene search
K

6 matches found

Nuclei
Nuclei
added 12 hours ago10 views

LogDash Activity Log <= 1.1.3 - SQL Injection

The LogDash Activity Log plugin for WordPress is vulnerable to SQL Injection via the username parameter in all versions up to, and including, 1.1.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

5.4CVSS6.1AI score0.00748EPSS
Exploits1References2
Circl
Circl
added 2026/03/12 9:2 p.m.4 views

CVE-2023-6030

creationtimestamp| type| source ---|---|--- 2026-03-12 21:02:36+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mgvcd3lteh23...

5.4CVSS5.8AI score0.00748EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/05/16 10:38 p.m.7 views

WordPress LogDash Activity Log plugin < 1.1.4 - Unauthenticated SQLi vulnerability

Unauthenticated SQLi vulnerability discovered by Nicolas Surribas in WordPress Plugin LogDash Activity Log versions 1.1.4...

5.4CVSS6.9AI score0.00748EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2025/05/15 8:15 p.m.6 views

CVE-2023-6030

The LogDash Activity Log WordPress plugin before 1.1.4 hooks the wploginfailed function from src/Hooks/Users.php in order to log failed login attempts to the database but it doesn't escape the username when it perform some SQL request leading to a SQL injection vulnerability which can be exploite...

5.4CVSS0.00748EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/15 8:9 p.m.6 views

CVE-2023-6030 LogDash Activity Log < 1.1.4 - Unauthenticated SQLi

The LogDash Activity Log WordPress plugin before 1.1.4 hooks the wploginfailed function from src/Hooks/Users.php in order to log failed login attempts to the database but it doesn't escape the username when it perform some SQL request leading to a SQL injection vulnerability which can be exploite...

5.9AI score0.00748EPSS
Exploits1References1
CVE
CVE
added 2025/05/15 8:9 p.m.28 views

CVE-2023-6030

The CVE-2023-6030 entry relates to the WordPress plugin LogDash Activity Log (versions before 1.1.4). The vulnerability arises when the plugin logs failed logins in src/Hooks/Users.php via wp_login_failed without escaping the username in a SQL query, causing a SQL injection. The risk is described...

5.4CVSS7.8AI score0.00748EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder