coreActivity: Activity Logging for WordPress

Vulnerabilities 4Slug coreactivityLatest version 3.1WordPress.org →

Minimum safe version

2.7.1

Update to 2.7.1 or later to address 4 fixable vulnerabilities

Latest available3.1
Medium 6.5
2025-04-08< 2.7.1

WordPress coreActivity: Activity Logging plugin for WordPress Plugin <= 2.7 is vulnerable to SQL Injection

EUVDPatchstackWordfenceCVE
Medium 6.1
2025-05-15< 1.8.1

WordPress coreActivity: Activity Logging plugin for WordPress Plugin <= 1.8 is vulnerable to Cross Site Scripting (XSS)

EUVDPatchstackCVEWPScan
N/A
2024-01-26< 1.8.1

coreActivity <= 1.8 - Unauthenticated Stored Cross-Site Scripting

Wordfence