Skip to main content

Wp System Log

2 CVEs product

Monthly

CVE-2026-24987 MEDIUM This Month

Authenticated users can bypass authorization controls in WP System Log plugin versions up to 1.2.7 to modify system logs due to improper access control validation. An attacker with valid credentials could alter log data to cover tracks or manipulate audit records without additional privileges. No patch is currently available for this vulnerability.

Authentication Bypass Wp System Log
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2021-24756 MEDIUM POC This Month

The WP System Log WordPress plugin before 1.0.21 does not sanitise, validate and escape the IP address retrieved from login requests before outputting them in the admin dashboard, which could allow. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Wp System Log
NVD WPScan
CVSS 3.1
6.1
EPSS
1.3%
EPSS 0% CVSS 6.5
MEDIUM This Month

Authenticated users can bypass authorization controls in WP System Log plugin versions up to 1.2.7 to modify system logs due to improper access control validation. An attacker with valid credentials could alter log data to cover tracks or manipulate audit records without additional privileges. No patch is currently available for this vulnerability.

Authentication Bypass Wp System Log
NVD VulDB
EPSS 1% CVSS 6.1
MEDIUM POC This Month

The WP System Log WordPress plugin before 1.0.21 does not sanitise, validate and escape the IP address retrieved from login requests before outputting them in the admin dashboard, which could allow. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Wp System Log
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy