WordPress Plugin Vulnerabilities

WP Activity Log < 4.5.2 - Subscriber+ Information Leak

Description

The plugin does not properly implement a capability check on the handle_ajax_call function, leading to an authorization bypass that allows authenticated users to obtain a list of users' information, including ids, usernames, and emails.

Affects Plugins

Plugin icon
wp-security-audit-log
Fixed in 4.5.2

References

CVE
CVE-2023-2261
URL
https://www.wordfence.com/threat-intel/vulnerabilities/detail/wp-activity-log-450-missing-capabilities-check-to-user-enumeration

Classification

Type
SENSITIVE DATA DISCLOSURE
OWASP top 10
A3: Sensitive Data Exposure
CWE
CWE-200
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
Marco Wotschka
Verified
No
WPVDB ID
3c5e45fd-933f-47e0-bfb5-b376fab6b88b

Timeline

Publicly Published
2023-05-17 (about 2 years ago)
Added
2023-06-09 (about 2 years ago)
Last Updated
2023-06-09 (about 2 years ago)

Other

Published
Title
Published
2025-01-30
Title
Order Export for WooCommerce < 3.25 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory
Published
2024-01-17
Title
IP2Location Country Blocker < 2.33.4 - Unauthenticated Sensitive Information Exposure via Debug Log File
Published
2025-05-07
Title
weMail < 1.14.14 - Unauthenticated Sensitive Information Exposure
Published
2024-05-10
Title
Shopping Cart & eCommerce Store < 5.6.5 - Sensitive Information Exposure
Published
2022-10-17
Title
WP < 6.0.3 - Content from Multipart Emails Leaked