HIGH
Logtivity Activity Logs
CVE published 2026-06-01
CVE-2026-42673
A HIGH severity vulnerability (CVSS 7.5) in the Logtivity Activity Logs WordPress plugin allows unauthenticated remote attackers to retrieve embedded sensitive data. The plugin fails to prevent insertion of sensitive information into sent data (CWE-201), exposing confidential material in outbound responses. Affected versions span from initial release through 3.3.6. The CVE was published on 2026-06-01 and [truncated]