Wpsecurityauditlog Wp Security Audit Log vulnerabilities
2 known vulnerabilities affecting wpsecurityauditlog/wp_security_audit_log.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2018-8719P3MEDIUMCVSS 5.3PoCv3.1.12018-04-04
CVE-2018-8719 [MEDIUM] CWE-532 CVE-2018-8719: An issue was discovered in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp-conten
An issue was discovered in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp-content/uploads/wp-security-audit-log/* files is not restricted. For example, these files are indexed by Google and allows for attackers to possibly find sensitive information.
nvd
CVE-2014-5072P4HIGHCVSS 8.8fixed in 1.2.52018-04-06
CVE-2014-5072 [HIGH] CWE-352 CVE-2014-5072: Cross-site request forgery (CSRF) vulnerability in WP Security Audit Log plugin before 1.2.5 for Wor
Cross-site request forgery (CSRF) vulnerability in WP Security Audit Log plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
nvd