Skip to main content

Activity Logs User Activity Tracking Multisite Activity Log From Logtivity

1 CVEs product

Monthly

CVE-2026-42673 HIGH This Week

Sensitive data exposure in the Logtivity Activity Logs, User Activity Tracking, Multisite Activity Log WordPress plugin (versions up to and including 3.3.6) allows remote unauthenticated attackers to retrieve embedded sensitive information from data sent by the plugin. The CVSS vector (AV:N/AC:L/PR:N/UI:N) indicates network-reachable exploitation with no privileges or user interaction, though no public exploit identified at time of analysis and the issue is not on the CISA KEV list.

Information Disclosure Activity Logs User Activity Tracking Multisite Activity Log From Logtivity
NVD
CVSS 3.1
7.5
EPSS
0.0%
EPSS 0% CVSS 7.5
HIGH This Week

Sensitive data exposure in the Logtivity Activity Logs, User Activity Tracking, Multisite Activity Log WordPress plugin (versions up to and including 3.3.6) allows remote unauthenticated attackers to retrieve embedded sensitive information from data sent by the plugin. The CVSS vector (AV:N/AC:L/PR:N/UI:N) indicates network-reachable exploitation with no privileges or user interaction, though no public exploit identified at time of analysis and the issue is not on the CISA KEV list.

Information Disclosure Activity Logs User Activity Tracking Multisite Activity Log From Logtivity
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy