cleantalk
Vulnerabilities and Security Researches

Activity Log WinterLock, CVE-2026-24987

CVE, Research URL

CVE-2026-24987

Home page URL

Security reports for Activity Log WinterLock

Application

Activity Log WinterLock

Published on
Mar 25, 2026
Research Description
Missing Authorization vulnerability in activity-log.com WP System Log winterlock allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP System Log: from n/a through <= 1.2.7.
Affected versions
max 1.2.7.
Status
vulnerable
Previous vulnerability researches
Activity Log WinterLock (CVE-2026-24987) , Mar 29, 2026
Activity Log WinterLock (CVE-2021-24756) , Jun 07, 2024
Activity Log WinterLock (CVE-2025-24982) , Feb 06, 2025
New vulnerability
Subscriptions for WooCommerce &#8211; Subscription Plugin for Collecting Recurring Revenue, Sell Membership Subscription Servic (CVE-2026-24372) , Mar 29, 2026
Meta Box &#8211; WordPress Custom Fields Framework (CVE-2025-14675) , Mar 29, 2026
Admin and Site Enhancements (ASE) (CVE-2026-32423) , Mar 29, 2026
Royal Elementor Addons and Templates (CVE-2026-28135) , Mar 29, 2026
Royal Elementor Addons and Templates (CVE-2025-13067) , Mar 29, 2026