Product
melapress wp activity log
10 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-0767
CVE-2025-0924
CVE-2024-10793
CVE-2024-2018
CVE-2023-50905
CVE-2023-2286
CVE-2023-2285
CVE-2023-2284
CVE-2023-2261
CVE-2020-36716
all versions
WP Activity Log 5.3.2 was found to be vulnerable. Unvalidated user input is used directly in an unserialize function in myapp/clas
< 5.3.0
The WP Activity Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘message’ parameter in all versi
< 5.2.2
The WP Activity Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user_id parameter in all versions up
< 4.6.4.1
The WP Activity Log Premium plugin for WordPress is vulnerable to SQL Injection via the entry-roles parameter in all versions up t
< 4.6.2
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Melapress WP Activity Log al
<= 4.5.0
The WP Activity Log for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.0. This is due
<= 4.5.0
The WP Activity Log Premium plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5
<= 4.5.0
The WP Activity Log Premium plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability ch
<= 4.5.0
The WP Activity Log plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the handle_aja
<= 4.0.1
The WP Activity Log plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the setup_page