CVE-2018-8719

CVE-2018-8719 affects WordPress WP Security Audit Log plugin (v3.1.1). The issue is information disclosure: access to wp-content/uploads/wp-security-audit-log/* is not restricted, enabling potential exposure of sensitive data (e.g., login attempts) and making files indexable by search engines. Ex...

CVE-2014-5072

CVE-2014-5072 affects the WP Security Audit Log WordPress plugin prior to version 1.2.5. The vulnerability is a cross-site request forgery (CSRF) that could allow remote attackers to hijack the authentication of unspecified victims via unknown vectors. The public records in the connected sources ...