Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical0

High0

Medium2

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2025-11-13

CVE-2024-0970 - User Activity Tracking And Log Plugin

This User Activity Tracking and Log WordPress plugin before 4.1.4 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value.

PLUGIN User Activity Tracking And Log

CVE-2024-0970

MEDIUM CVSS 5.3 2025-05-15

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2025-04-23

CVE-2023-4150 - User Activity Tracking And Log Plugin

The User Activity Tracking and Log WordPress plugin before 4.0.9 does not have proper CSRF checks when managing its license, which could allow attackers to make logged in admins update and deactivate the plugin's license via CSRF attacks

PLUGIN User Activity Tracking And Log

CVE-2023-4150

MEDIUM CVSS 4.3 2023-08-30

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2024-0970 - User Activity Tracking And Log Plugin

CVE-2023-4150 - User Activity Tracking And Log Plugin

Company Links

Contact Us