Activity Logs User Activity Tracking Multisite Activity Log From Logtivity
Monthly
Sensitive data exposure in the Logtivity Activity Logs, User Activity Tracking, Multisite Activity Log WordPress plugin (versions up to and including 3.3.6) allows remote unauthenticated attackers to retrieve embedded sensitive information from data sent by the plugin. The CVSS vector (AV:N/AC:L/PR:N/UI:N) indicates network-reachable exploitation with no privileges or user interaction, though no public exploit identified at time of analysis and the issue is not on the CISA KEV list.
Sensitive data exposure in the Logtivity Activity Logs, User Activity Tracking, Multisite Activity Log WordPress plugin (versions up to and including 3.3.6) allows remote unauthenticated attackers to retrieve embedded sensitive information from data sent by the plugin. The CVSS vector (AV:N/AC:L/PR:N/UI:N) indicates network-reachable exploitation with no privileges or user interaction, though no public exploit identified at time of analysis and the issue is not on the CISA KEV list.