Medium severity5.3NVD Advisory· Published May 15, 2025· Updated Jun 17, 2026
CVE-2024-0970
CVE-2024-0970
Description
This User Activity Tracking and Log WordPress plugin before 4.1.4 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <4.1.4
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/7df6877c-6640-41be-aacb-20c7da61e4db/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.