Simple History – user activity log, audit tool, 736e6adad7e211ec7b84a941eb01ac324a79772d

CVE, Research URL: 736e6adad7e211ec7b84a941eb01ac324a79772d
Home page URL: Security reports for Simple History – user activity log, audit tool
Application: Simple History – user activity log, audit tool
Published on: Jul 28, 2016
Research Description: Simple History – Track, Log, and Audit WordPress Changes [simple-history] < 2.7.5 Simple History Plugin < 2.7.5 - Sensitive Information Disclosure The Simple History plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.7.4 via the ajax_simple_history_filters_search_user function. This can allow authenticated attackers to extract sensitive data including logged in usernames and their email address.
Affected versions: max 2.7.5.
Status: vulnerable