PT-2026-5057 · WordPress · User Activity Log

Alex Tselevich

Publicado

2026-01-28

Atualizado

2026-01-28

CVE-2025-13471

CVSS v3.1

5.3

Média

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions User Activity Log WordPress plugin versions through 2.2

Description The User Activity Log WordPress plugin does not correctly manage unsuccessful login attempts. This allows individuals without authorization to modify plugin settings, such as enabling User Registration even when it is disabled.

Recommendations Update the User Activity Log WordPress plugin to a version later than 2.2.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2025-13471

Produtos afetados

User Activity Log

PT-2026-5057 · WordPress · User Activity Log

CVE-2025-13471

Identificadores relacionados

Produtos afetados

Referências · 5