Back to search
CVE-2023-4150
Published: Aug 30, 2023
Modified: Apr 23, 2025
PUBLISHED
Description
The User Activity Tracking and Log WordPress plugin before 4.0.9 does not have proper CSRF checks when managing its license, which could allow attackers to make logged in admins update and deactivate the plugin's license via CSRF attacks
| Vendor | Product | Versions |
|---|---|---|
Unknown | User Activity Tracking and Log | affected 0 - < 4.0.9 |
References
https://wpscan.com/vulnerability/381ef15b-aafe-4ef4-a0bc-867d891f7f44
exploit
vdb-entry
technical-description
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now