Unvalidated User Input Vulnerability in WP Activity Log by WordPress
CVE-2025-0767
6.3MEDIUM
What is CVE-2025-0767?
The WP Activity Log plugin version 5.3.2 is susceptible to a security flaw due to unvalidated user input being improperly managed within the unserialize function located in myapp/classes/Writers/class-csv-writer.php. This vulnerability could allow an attacker to exploit the application, leading to potential data manipulation or compromise. Regular updates and security audits are advisable to mitigate risks associated with such vulnerabilities.
Affected Version(s)
WP Activity Log 5.3.2