cleantalk
Vulnerabilities and Security Researches

WP Activity Log, CVE-2026-25331

CVE, Research URL

CVE-2026-25331

Home page URL

Security reports for WP Activity Log

Application

WP Activity Log

Published on
Feb 19, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Melapress WP Activity Log wp-security-audit-log allows DOM-Based XSS.This issue affects WP Activity Log: from n/a through <= 5.5.4.
Affected versions
max 5.5.4.
Status
vulnerable
Previous vulnerability researches
Essential Addons for Elementor &#8211; Best Elementor Templates, Widgets, Kits &amp; WooCommerce Builders (CVE-2024-39649) , Aug 07, 2024
Essential Addons for Elementor &#8211; Best Elementor Templates, Widgets, Kits &amp; WooCommerce Builders (CVE-2024-7092) , Aug 13, 2024
Essential Addons for Elementor &#8211; Best Elementor Templates, Widgets, Kits &amp; WooCommerce Builders (CVE-2026-23543) , Feb 27, 2026
Essential Addons for Elementor &#8211; Best Elementor Templates, Widgets, Kits &amp; WooCommerce Builders (CVE-2024-9993) , Jun 15, 2025
Essential Addons for Elementor &#8211; Best Elementor Templates, Widgets, Kits &amp; WooCommerce Builders (CVE-2022-0683) , Jun 07, 2024
New vulnerability
BA Book Everything (CVE-2026-24371) , Feb 27, 2026
WP Job Portal &#8211; A Complete Job Board (CVE-2026-24941) , Feb 27, 2026
WP Job Portal &#8211; A Complete Job Board (CVE-2026-24379) , Feb 27, 2026
WDV One Page Docs &#8211; Documentation Plugin for WordPress (CVE-2025-68896) , Feb 27, 2026
Recooty &#8211; Modern Applicant Tracking System for Growing Companies (CVE-2025-14616) , Feb 27, 2026