CVE-2026-8198 | logtivity Activity Logs, User Activity Tracking, Multisite Activity Log Plugin REST API Endpoint options verifyAuthorization information disclosure

May 9, 2026 Yanac

A vulnerability identified as problematic has been detected in logtivity Activity Logs, User Activity Tracking, Multisite Activity Log Plugin up to 3.3.6 on WordPress. Impacted is the function verifyAuthorization of the file /wp-json/logtivity/v1/options of the component REST API Endpoint. This manipulation causes information disclosure.

This vulnerability is registered as CVE-2026-8198. Remote exploitation of the attack is possible. No exploit is available.

You should upgrade the affected component.VulDB Recent EntriesRead More