Melapress Wp Activity Log — known CVE vulnerabilities
Every CVE whose affected-product data names Melapress Wp Activity Log, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2025-0767 — CVSS 9.8 (critical): WP Activity Log 5.3.2 was found to be vulnerable. Unvalidated user input is used directly in an unserialize function in…
CVE-2024-2018 — CVSS 8.8 (high): The WP Activity Log Premium plugin for WordPress is vulnerable to SQL Injection via the entry->roles parameter in all versions up to, and…
CVE-2024-10793 — CVSS 7.2 (high): The WP Activity Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user_id parameter in all versions up to, and…
CVE-2025-0924 — CVSS 7.2 (high): The WP Activity Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘message’ parameter in all versions up…
CVE-2023-50905 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Melapress WP Activity Log allows…