4 matches found
CVE-2025-24982
Cross-site request forgery vulnerability exists in Activity Log WinterLock versions prior to 1.2.5. If a user views a malicious page while logged in, the log data may be deleted...
CVE-2025-24982
creationtimestamp| type| source ---|---|--- 2025-02-04 04:23:47+00:00| seen| https://infosec.exchange/users/cve/statuses/113943709406528304 2025-02-04 05:15:34+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhdcgmverp27 2025-02-04 06:13:47+00:00| seen|...
CVE-2025-24982
Cross-site request forgery vulnerability exists in Activity Log WinterLock versions prior to 1.2.5. If a user views a malicious page while logged in, the log data may be deleted...
CVE-2025-24982
The CVE-2025-24982 affects the WordPress plugin Activity Log WinterLock, specifically versions prior to 1.2.5. The vulnerability is a Cross‑Site Request Forgery (CSRF) that can cause log data to be deleted when a logged‑in user views a malicious page. No root cause details beyond CSRF are provide...