Activitypub
This hub aggregates every CVE we track for Activitypub, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
6
CVEs tracked
0
Critical
1
High
0
In CISA KEV
Severity distribution
MEDIUM5HIGH1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
2024-072026-06
Latest CVEs
The 6 most recently published vulnerabilities affecting Activitypub.
- CVE-2026-4338ActivityPub Routing < 8.0.2 - Unauthenticated Drafts/Scheduled/Pending Posts Disclosure7.5
- CVE-2023-52199WordPress ActivityPub plugin <= 1.0.5 - Unauthenticated Broken Access Control vulnerability6.5
- CVE-2023-3706ActivityPub for WordPress < 1.0.0 - Subscriber+ Arbitrary Post Title Disclosure4.3
- CVE-2023-3746ActivityPub for WordPress < 1.0.1 - Contributor+ Stored XSS5.4
- CVE-2023-5057ActivityPub for WordPress < 1.0.0 - Contributor+ Stored XSS5.4
- CVE-2023-3707ActivityPub for WordPress < 1.0.0 - Subscriber+ Arbitrary Post Content Disclosure4.3
Product normalization is registry-driven with AI assist and human review. How it works