Activity-Log.Com Wp Sessions Time Monitoring Full Automatic vulnerabilities
4 known vulnerabilities affecting activity-log.com/wp_sessions_time_monitoring_full_automatic.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-49681P2CRITICALCVSS 9.3≤ 1.0.92024-10-24
CVE-2024-49681 [CRITICAL] CWE-89 CVE-2024-49681: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in activity-log.com WP Sessions Time Monitoring Full Automatic activitytime allows SQL Injection.This issue affects WP Sessions Time Monitoring Full Automatic: from n/a through <= 1.0.9.
nvd
CVE-2026-39581P3HIGHCVSS 8.5≥ n/a, ≤ 1.1.42026-06-16
CVE-2026-39581 [HIGH] CWE-89 CVE-2026-39581: Subscriber SQL Injection in WP Sessions Time Monitoring Full Automatic <= 1.1.4 versions.
Subscriber SQL Injection in WP Sessions Time Monitoring Full Automatic <= 1.1.4 versions.
nvd
CVE-2026-32362P4MEDIUMCVSS 5.3≤ 1.1.32026-03-13
CVE-2026-32362 [MEDIUM] CWE-862 CVE-2026-32362: Missing Authorization vulnerability in activity-log.com WP Sessions Time Monitoring Full Automatic a
Missing Authorization vulnerability in activity-log.com WP Sessions Time Monitoring Full Automatic activitytime allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Sessions Time Monitoring Full Automatic: from n/a through <= 1.1.3.
nvd
CVE-2025-24718P4HIGHCVSS 7.1≤ 1.1.12025-01-31
CVE-2025-24718 [HIGH] CWE-79 CVE-2025-24718: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in activity-log.com WP Sessions Time Monitoring Full Automatic activitytime allows Reflected XSS.This issue affects WP Sessions Time Monitoring Full Automatic: from n/a through <= 1.1.1.
nvd