Known Vulnerabilities for products from Solwininfotech
Listed below are 10 of the newest known vulnerabilities associated with the vendor "Solwininfotech".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-62122 json | Not Provided | 2025-12-31 | 2026-04-01 | |
| CVE-2025-57990 json | Not Provided | 2025-09-22 | 2026-04-01 | |
| CVE-2025-32677 json | Not Provided | 2025-04-09 | 2026-04-01 | |
| CVE-2023-37966 json | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Solwin Infotech User Ac... | 9.8 - CRITICAL | 2023-10-31 | 2023-11-08 |
| CVE-2023-30485 json | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Solwin Infotech Responsive WordPress Slider – Avartan Slider ... | 6.1 - MEDIUM | 2023-09-04 | 2023-09-06 |
| CVE-2023-5167 json | The User Activity Log Pro WordPress plugin before 2.3.4 does not properly escape recorded User-Agents in the user activity lo... | 5.4 - MEDIUM | 2023-10-16 | 2023-11-07 |
| CVE-2023-5133 json | This user-activity-log-pro WordPress plugin before 2.3.4 retrieves client IP addresses from potentially untrusted headers, al... | 7.5 - HIGH | 2023-10-16 | 2023-11-07 |
| CVE-2023-4279 json | This User Activity Log WordPress plugin before 1.6.7 retrieves client IP addresses from potentially untrusted headers, allowi... | 7.5 - HIGH | 2023-09-04 | 2023-11-07 |
| CVE-2023-4269 json | The User Activity Log WordPress plugin before 1.6.6 lacks proper authorisation when exporting its activity logs, allowing any... | 4.3 - MEDIUM | 2023-09-04 | 2023-11-07 |
| CVE-2023-3435 json | The User Activity Log WordPress plugin before 1.6.5 does not correctly sanitise and escape several parameters before using it... | 9.8 - CRITICAL | 2023-08-14 | 2023-11-07 |
| CVE-2023-2761 json | The User Activity Log WordPress plugin before 1.6.3 does not properly sanitise and escape the `txtsearch` parameter before us... | 7.2 - HIGH | 2023-07-24 | 2023-11-07 |
| CVE-2022-45078 json | Improper Neutralization of Formula Elements in a CSV File vulnerability in Solwin Infotech User Blocker.This issue affects Us... | 7.2 - HIGH | 2023-11-07 | 2023-11-14 |
| CVE-2022-4793 json | The Blog Designer WordPress plugin before 2.4.1 does not validate and escape one of its shortcode attributes, which could all... | 5.4 - MEDIUM | 2023-01-30 | 2023-11-07 |