security vulnerability | WordPress.org

macpheek
(@macpheek)

1 year ago

Hi, I’ve had a notice from wordfence that this plugin has a security vulnerability, is a patch being worked on?

Critical Problems:

* The Plugin “User Activity Log” has a security vulnerability.

Vulnerability Severity: 9.1/10.0 (Critical) Vulnerability Information
https://wordpress.org/plugins/user-activity-log/#developers

Thanks

Viewing 5 replies - 1 through 5 (of 5 total)

invaderB
(@invaderb)

1 year ago

Also curious if this is getting worked on…

Here’s the CVE
https://www.cve.org/CVERecord?id=CVE-2024-31356

bphyle
(@bphyle)

1 year ago

Curiosity intensifies…

invaderB
(@invaderb)

1 year ago

I’m giving it till Friday then moving to a different plugin if a fix is not pushed out….

michaelrich
(@michaelrich)

11 months, 3 weeks ago

It seems like you can only exploit it if you are an administrator anyway… But it is very concerning for me that the developer is not reacting here.

Plugin Author solwininfotech
(@solwininfotech)

8 months, 2 weeks ago

Hi @macpheek @michaelrich @invaderb @bphyle

I apologize for the delayed response.

We would like to inform you that we have released an updated version of our plugin,in which we have fixed a security vulnerability issue. Please update your plugin accordingly.

If you encounter any further problems, do not hesitate to reach out to us. We are here to assist you in resolving any issues as quickly as possible.

Thank you!

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘security vulnerability’ is closed to new replies.