June 17, 2026

CVE Watchtower


← Back to CVE List

CVE-2026-54806NVD

Vulnerability Summary

Unauthenticated PHP Object Injection in WP Activity Log <= 5.6.3.1 versions.
Severity Level
CRITICAL(9.8)
Published Date
Jun 17, 2026
Last Modified
Jun 17, 2026
Exploitation Status
????
EPSS Score (30-Day)
Data Pending
Root Weakness (CWE)
N/A
CVSS v3.1 Base Metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

External References