Vulnerabilities (CVE)

Filtered by vendor Wpsecurityauditlog Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-8719 1 Wpsecurityauditlog 1 Wp Security Audit Log 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
An issue was discovered in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp-content/uploads/wp-security-audit-log/* files is not restricted. For example, these files are indexed by Google and allows for attackers to possibly find sensitive information.
CVE-2014-5072 1 Wpsecurityauditlog 1 Wp Security Audit Log 2024-11-21 6.8 MEDIUM 8.8 HIGH
Cross-site request forgery (CSRF) vulnerability in WP Security Audit Log plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.