CVE-2026-45435

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Melapress WP Activity Log allows DOM-Based XSS. This issue affects WP Activity Log: from n/a through 5.6.3...

PT-2026-43148

Name of the Vulnerable Software and Affected Versions WP Activity Log versions prior to 5.6.4 Description Improper neutralization of input during web page generation in Melapress WP Activity Log allows for DOM-Based Cross-site Scripting XSS, a flaw where the application contains client-side...

CVE-2026-25331

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Melapress WP Activity Log wp-security-audit-log allows DOM-Based XSS.This issue affects WP Activity Log: from n/a through = 5.5.4...

WordPress plugin Activity Log for WordPress 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

WordPress Activity Log – Monitor & Record User Changes plugin <= 2.11.1 - Unauthenticated Stored Cross-Site Scripting via Event Context vulnerability

Unauthenticated Stored Cross-Site Scripting via Event Context vulnerability discovered by mikemyers in WordPress Plugin Activity Log versions = 2.11.1...

WordPress Activity Log Plugin <= 2.11.1 is vulnerable to Cross Site Scripting (XSS)

Software Activity Log Type Plugin Vulnerable versions = 2.11.1 Fixed in 2.11.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10788 Patch priority Medium CVSS severity Medium 7.1 Developer Elementor PSID 657fbb862f42 Credits mikemyers Required...

WordPress WP Activity Log Premium plugin <= 4.6.4 - Authenticated (Subscriber+) SQL Injection vulnerability

Authenticated Subscriber+ SQL Injection vulnerability discovered by 1337Wannabe in WordPress Plugin WP Activity Log Premium versions = 4.6.4...

WordPress Plugin WP Activity Log Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress Plugin WP Activity Log 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

CVE-2020-36716

The WP Activity Log plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the setuppage function in versions up to, and including, 4.0.1. This makes it possible for unauthenticated attackers to run the setup wizard if it has not been run previously and...

WordPress Plugin WP Activity Log 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

WordPress Activity Log For MainWP plugin <= 1.7.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Activity Log For MainWP plugin versions = 1.7.0. Solution Update the WordPress Activity Log For MainWP plugin to the latest available version at least 1.7.1...

WordPress Plugin Activity Log 2.4.0 - Stored Cross-Site Scripting

Exploit Title : Activity Log Wordpress Plugin Stored Cross Site Scripting XSS Date: 25-02-2018 Exploit Author : Stefan Broeder Vendor Homepage: https://pojo.me Software Link: https://wordpress.org/plugins/aryo-activity-log/ Version: 2.4.0 CVE : CVE-2018-8729 Category : webapps Description...

WordPress Activity Log 2.3.1 Plugin - Persistent Cross-Site Scripting

Exploit for php platform in category web applications Persistent Cross-Site Scripting in WordPress Activity Log plugin Han Sahin Abstract A stored Cross-Site Scripting XSS vulnerability has been found in the WordPress Activity Log plugin. By using this vulnerability an attacker can inject malicio...