cleantalk
Vulnerabilities and Security Researches

History Log by click5, CVE-2023-5082

CVE, Research URL

CVE-2023-5082

Home page URL

Security reports for History Log by click5

Application

History Log by click5

Published on
Nov 07, 2023
Research Description
The History Log by click5 WordPress plugin before 1.0.13 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin users when using the Smash Balloon Social Photo Feed plugin alongside it.
Affected versions
Min -, max 1.0.13.
Status
vulnerable
Previous vulnerability researches
History Log by click5 (CVE-2025-31531) , Apr 03, 2025
History Log by click5 (CVE-2023-5082) , Jun 07, 2024
New vulnerability
RDP Wiki Embed (CVE-2025-32262) , Apr 06, 2025
AdMail – Back in-stock notifier for WooCommerce (CVE-2025-32234) , Apr 06, 2025
Course Booking System (CVE-2025-32253) , Apr 06, 2025
Radius Blocks – WordPress Gutenberg Blocks (CVE-2025-32159) , Apr 06, 2025
Wishlist (CVE-2025-32272) , Apr 06, 2025