MidnightBSD

Advisories for wpsecurityauditlog

CVE-2014-5072 MEDIUM

Cross-site request forgery (CSRF) vulnerability in WP Security Audit Log plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
wpsecurityauditlog wp_security_audit_log *
CVE-2018-8719 MEDIUM

An issue was discovered in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp-content/uploads/wp-security-audit-log/* files is not restricted. For example, these files are indexed by Google and allows for attackers to possibly find sensitive information.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-532,

Products Affected

Vendor Product Version
wpsecurityauditlog wp_security_audit_log 3.1.1