cleantalk
Vulnerabilities and Security Researches

Simple History – user activity log, audit tool, 736e6adad7e211ec7b84a941eb01ac324a79772d

CVE, Research URL

736e6adad7e211ec7b84a941eb01ac324a79772d

Home page URL

Security reports for Simple History – user activity log, audit tool

Application

Simple History – user activity log, audit tool

Published on
Jul 28, 2016
Research Description
Simple History – Track, Log, and Audit WordPress Changes [simple-history] < 2.7.5 Simple History Plugin < 2.7.5 - Sensitive Information Disclosure The Simple History plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.7.4 via the ajax_simple_history_filters_search_user function. This can allow authenticated attackers to extract sensitive data including logged in usernames and their email address.
Affected versions
max 2.7.5.
Status
vulnerable
Previous vulnerability researches
Affiliate Power &#8211; Sales Tracking for Affiliate Marketers (8770281c773724cc3af31c3a3cbecbbf15603486) , Jun 06, 2024
Affiliate Power &#8211; Sales Tracking for Affiliate Marketers (7fa9e95c22fbb07af86ccdaf0b6338b9f2dffb5a) , Jun 16, 2026
Affiliate Power &#8211; Sales Tracking for Affiliate Marketers (3ceba7d6-4034-4220-9d2e-89f59c2050e3) , Jun 16, 2026
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026