Filtered by vendor Wpsecurityauditlog
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-8719 | 1 Wpsecurityauditlog | 1 Wp Security Audit Log | 2018-05-11 | 5.0 MEDIUM | 5.3 MEDIUM |
An issue was discovered in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp-content/uploads/wp-security-audit-log/* files is not restricted. For example, these files are indexed by Google and allows for attackers to possibly find sensitive information. | |||||
CVE-2014-5072 | 1 Wpsecurityauditlog | 1 Wp Security Audit Log | 2018-05-09 | 6.8 MEDIUM | 8.8 HIGH |
Cross-site request forgery (CSRF) vulnerability in WP Security Audit Log plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. |