10 matches found
CVE-2026-25331
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Melapress WP Activity Log wp-security-audit-log allows DOM-Based XSS.This issue affects WP Activity Log: from n/a through = 5.5.4...
EUVD-2014-4971
Malware in sbrugna...
CVE-2014-5072
Cross-site request forgery CSRF vulnerability in WP Security Audit Log plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in WP Security Audit Log plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
CVE-2014-5072
CVE-2014-5072 affects the WP Security Audit Log WordPress plugin prior to version 1.2.5. The vulnerability is a cross-site request forgery (CSRF) that could allow remote attackers to hijack the authentication of unspecified victims via unknown vectors. The public records in the connected sources ...
CVE-2014-5072
Cross-site request forgery CSRF vulnerability in WP Security Audit Log plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
CVE-2018-8719
An issue was discovered in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp-content/uploads/wp-security-audit-log/ files is not restricted. For example, these files are indexed by Google and allows for attackers to possibly find sensitive information...
Information disclosure
An issue was discovered in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp-content/uploads/wp-security-audit-log/ files is not restricted. For example, these files are indexed by Google and allows for attackers to possibly find sensitive information...
CVE-2018-8719
CVE-2018-8719 affects WordPress WP Security Audit Log plugin (v3.1.1). The issue is information disclosure: access to wp-content/uploads/wp-security-audit-log/* is not restricted, enabling potential exposure of sensitive data (e.g., login attempts) and making files indexable by search engines. Ex...
WP Security Audit Log Plugin <= 3.1.1 - Sensitive Information Disclosure
No protection on the wp-content/uploads/wp-security-audit-log/ which is indexed by google and allows for attackers to possibly find user information bad login attempts PoC Google Dork: inurl:/wp-content/uploads/wp-security-audit-log/...