CVE-2024-0970

Published: May 15, 2025Modified: Nov 13, 2025

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Exploitability: 3.9 / Impact: 1.4

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

This User Activity Tracking and Log WordPress plugin before 4.1.4 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value.

Affected (1)

Products: Mooveagency: User Activity Tracking And Log

Mooveagency

1 product

User Activity Tracking And Log

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mooveagency User Activity Tracking And Log	Before 4.1.4

References (1)

https://wpscan.com/vulnerability/7df6877c-6640-41be-aacb-20c7da61e4db/

Source: contact@wpscan.com

ExploitThird Party Advisory

Timeline

No history available yet.