CVE-2025-11877 | User Activity Log Plugin up to 2.2 on WordPress Options Update update_option improper authorization

Inserito da Angelo Barbosa | Gen 7, 2026 | CVE

A vulnerability was found in User Activity Log Plugin up to 2.2 on WordPress. It has been rated as critical. This issue affects the function update_option of the component Options Update Handler. This manipulation causes improper authorization.

This vulnerability is handled as CVE-2025-11877. The attack can be initiated remotely. There is not any exploit available.

CVE-2025-11877 | User Activity Log Plugin up to 2.2 on WordPress Options Update update_option improper authorization

Post correlati

CVE-2024-46985 | DataEase up to 2.10.0 xml external entity reference

CVE-2023-42307 | code-projects Exam Form Submission 1.0 Subject Name/Subject Code cross site scripting

CVE-2023-52904 | Linux Kernel ALSA snd_usb_pcm_has_fixed_rate null pointer dereference (a474d4ad59cd/92a9c0ad86d4)

CVE-2025-11155 | SATO S86-ex 203dpi 61.00.00.09 weak encoding for password