Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
25057.4%HIGH

Related CVEs

5
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2024-10788The Activity Log – Monitor & Record User Changes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the event parameters in all versions up to, and including, 2.11.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever an administrative user accesses an injected page.HIGH7.250.9%Nov 21, 2024
CVE-2023-47177Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Yakir Sitbon, Ariel Klikstein Linker plugin <= 1.2.1 versions.MEDIUM5.422.6%Nov 6, 2023
CVE-2016-10891The aryo-activity-log plugin before 2.3.3 for WordPress has XSS.NONE59.5%Aug 21, 2019
CVE-2016-10890The aryo-activity-log plugin before 2.3.2 for WordPress has XSS.NONE61.8%Aug 21, 2019
CVE-2018-8729Multiple cross-site scripting (XSS) vulnerabilities in the Activity Log plugin before 2.4.1 for WordPress allow remote attackers to inject arbitrary JavaScript or HTML via a title that is not escaped.NONE92.0%Mar 15, 2018