2 matches found
CVE-2026-8198
The Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity plugin for WordPress is vulnerable to Authentication Bypass to Information Disclosure in versions up to, and including, 3.3.6. This is due to a logic flaw in the verifyAuthorization method where requests without an...
CVE-2026-8198
CVE-2026-8198 affects the WordPress Logtivity plugin (Activity Logs, User Activity Tracking, Multisite Activity Log). Up to and including version 3.3.6, a logic flaw in verifyAuthorization causes requests without an Authorization header to skip Bearer token validation and fall through to an uncon...