7 matches found
CVE-2026-8198
The Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity plugin for WordPress is vulnerable to Authentication Bypass to Information Disclosure in versions up to, and including, 3.3.6. This is due to a logic flaw in the verifyAuthorization method where requests without an...
CVE-2026-8198 Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity <= 3.3.6 - Unauthenticated Information Disclosure via REST API
The Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity plugin for WordPress is vulnerable to Authentication Bypass to Information Disclosure in versions up to, and including, 3.3.6. This is due to a logic flaw in the verifyAuthorization method where requests without an...
EUVD-2026-28914
The Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity plugin for WordPress is vulnerable to Authentication Bypass to Information Disclosure in versions up to, and including, 3.3.6. This is due to a logic flaw in the verifyAuthorization method where requests without an...
PT-2026-39335
Name of the Vulnerable Software and Affected Versions Logtivity versions prior to 3.3.7 Description A logic flaw in the verifyAuthorization function allows unauthenticated attackers to bypass authentication checks. Requests that omit the Authorization header skip Bearer token validation and trigg...
Flexense Sync Breeze Enterprise Server and Flexense Disk Pulse Enterprise have cross-site scripting vulnerabilities
Flexense Sync Breeze Enterprise Server and Flexense Disk Pulse Enterprise are both products of Flexense Corporation. Flexense Sync Breeze Enterprise Server is a network file synchronization software. Flexense Disk Pulse Enterprise is a real-time file system monitoring software. Both the Flexense...
Flexense Sync Breeze Enterprise Server and Flexense Disk Pulse Enterprise have cross-site scripting vulnerabilities
Flexense Sync Breeze Enterprise Server and Flexense Disk Pulse Enterprise are both products of Flexense Corporation. Flexense Sync Breeze Enterprise Server is a network file synchronization software. Flexense Disk Pulse Enterprise is a real-time file system monitoring software. Both the Flexense...
PT-2020-13654 · WordPress · Acf-To-Rest-Api
Name of the Vulnerable Software and Affected Versions: acf-to-rest-api plugin through 3.1.0 for WordPress Description: The issue allows an insecure direct object reference via permalinks manipulation. This can be demonstrated by a "wp-json/acf/v3/options/" request that reads sensitive information...