Pojo Security Vulnerabilities

CVE-2016-10890

The aryo-activity-log plugin before 2.3.2 for WordPress has XSS.

CVE-2016-10891

The aryo-activity-log plugin before 2.3.3 for WordPress has XSS.

CVE-2018-8729

Multiple cross-site scripting (XSS) vulnerabilities in the Activity Log plugin before 2.4.1 for WordPress allow remote attackers to inject arbitrary JavaScript or HTML via a title that is not escaped.

CVE-2023-47177

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Yakir Sitbon, Ariel Klikstein Linker plugin <= 1.2.1 versions.