Activity Log for WordPress

Vulnerabilities 8Slug winterlockLatest version 1.2.9WordPress.org →

Minimum safe version

1.2.9

Update to 1.2.9 or later to address 8 fixable vulnerabilities

Latest available1.2.9 ✓

N/A

2026-02-11< 1.2.9

Activity Log for WordPress <= 1.2.8 - Missing Authorization to Sensitive Information Exposure via Log File

Medium 6.5

2026-03-25< 1.2.8

CVE-2026-24987

N/A

2025-02-04< 1.2.5

WordPress Plugin "Activity Log WinterLock" vulnerable to cross-site request forgery

Medium 4.3

2025-02-24< 1.2.5

WordPress WP System Log Plugin <= 1.2.4 is vulnerable to Cross Site Request Forgery (CSRF)

N/A

2023-07-18< 1.2.2

WordPress WP System Log Plugin < 1.2.2 is vulnerable to Cross Site Scripting (XSS)

N/A

2022-02-28< 1.0.23

WordPress WP System Log plugin <= 1.0.22 - Sensitive Information Disclosure vulnerability

N/A

2022-02-28< 1.0.23

WordPress WP System Log plugin <= 1.0.22 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Medium 6.1

2021-12-13< 1.0.23

CVE-2021-24756