Wp Security Audit Log

CVEs (3)

• CVE-2026-45435MedMay 25, 2026
  WordPress

  Wp Security Audit Log
  risk 0.42cvss 6.5epss —

  Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Melapress WP Activity Log allows DOM-Based XSS. This issue affects WP Activity Log: from n/a through 5.6.3.

• CVE-2018-8719Apr 4, 2018
  WordPress

  Wp Security Audit Log
  risk 0.04cvss —epss 0.15

  An issue was discovered in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp-content/uploads/wp-security-audit-log/* files is not restricted. For example, these files are indexed by Google and allows for attackers to possibly find sensitive information.

• CVE-2014-5072Apr 6, 2018
  WordPress

  Wp Security Audit Log
  risk 0.00cvss —epss 0.00

  Cross-site request forgery (CSRF) vulnerability in WP Security Audit Log plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.