cleantalk
Vulnerabilities and Security Researches

WP Activity Log, 4ec13b3c-7fc9-4d9a-98f5-e59187d128a4

CVE, Research URL

4ec13b3c-7fc9-4d9a-98f5-e59187d128a4

Home page URL

Security reports for WP Activity Log

Application

WP Activity Log

Published on
-
Research Description
WP Activity Log [wp-security-audit-log] < 4.1.5 WP Activity Log &lt; 4.1.5 - SQL Injection in External Database Module Two SQL Injection vulnerabilities were identified in the WP Activity Log WordPress plugin. The changelog of the plugin states: &quot;SQL Injection in external database module reported by WP deeply. Thank you for the responsible disclosure.&quot;
Affected versions
max 4.1.5.
Status
vulnerable
Previous vulnerability researches
WP Activity Log (CVE-2025-0767) , Mar 05, 2025
WP Activity Log (CVE-2023-33999) , Jun 14, 2026
WP Activity Log (CVE-2026-25331) , Feb 27, 2026
WP Activity Log (CVE-2026-45435) , May 26, 2026
WP Activity Log (CVE-2025-0924) , Feb 17, 2025
New vulnerability
W3 Total Cache (CVE-2026-39595) , Jun 19, 2026
Advanced Ads – Ad Manager &amp; AdSense (CVE-2026-54816) , Jun 19, 2026
Advanced Order Export For WooCommerce (CVE-2026-11360) , Jun 19, 2026
WP Activity Log (CVE-2026-54806) , Jun 18, 2026
Gutenberg Blocks by Kadence Blocks – Page Builder Features (CVE-2026-11357) , Jun 18, 2026