WordPress WP Activity Log plugin <= 5.6.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Melapress WP Activity Log allows DOM-Based XSS. This issue affects WP Activity Log: from n/a through 5.6.3.
AV:NAttack VectorAC:LAttack ComplexityPR:LPrivileges RequiredUI:RUser InteractionS:CScopeC:LConfidentialityI:LIntegrityA:LAvailabilityClick technique nodes to view MITRE ATT&CK details. Scroll to zoom, drag to pan.
Get the full picture for CVE-2026-45435 and every CVE in our database. Create a free account — no credit card required.
Create Free Account