A vulnerability identified as problematic has been detected in logtivity Activity Logs, User Activity Tracking, Multisite Activity Log Plugin up to 3.3.6 on WordPress. Impacted is the function
verifyAuthorization of the file /wp-json/logtivity/v1/options of the component REST API Endpoint. This manipulation causes information disclosure.
This vulnerability is registered as CVE-2026-8198. Remote exploitation of the attack is possible. No exploit is available.
You should upgrade the affected component.
