Cross Site Scripting Vulnerability in WP Activity Log Plugin by WordPress
CVE-2026-56005
7.1HIGH
What is CVE-2026-56005?
The WP Activity Log plugin for WordPress versions up to 5.6.3.1 includes a vulnerability that allows for cross-site scripting (XSS) attacks. This vulnerability can be exploited by an attacker to inject malicious scripts, which may compromise the security of users interacting with the affected plugin. It is important for users to update to a patched version to mitigate risks associated with XSS threats.
Affected Version(s)
WP Activity Log <= 5.6.3.1