Security Advisory

CVE-2023-5167

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-10-16 19:39:00

Last updated 2025-04-23 16:13:31

Assigner WPScan

State PUBLISHED

Description

The User Activity Log Pro WordPress plugin before 2.3.4 does not properly escape recorded User-Agents in the user activity logs dashboard, which may allow visitors to conduct Stored Cross-Site Scripting attacks.

← Browse all CVEs View on cve.org ↗