CVE-2023-4150

Name of the Vulnerable Software and Affected Versions User Activity Tracking and Log WordPress plugin versions prior to 4.0.9

Description The issue is related to a lack of proper CSRF checks when managing the license of the plugin. This could allow attackers to make logged-in admins update and deactivate the plugin's license via CSRF attacks.

Recommendations For versions prior to 4.0.9, update to version 4.0.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the license management functionality to minimize the risk of exploitation.