Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Solwin Infotech User Activity Log user-activity-log allows SQL Injection.This issue affects User Activity Log: from n/a through 1.6.2. CreditsLEE SE HYOUNG (Patchstack Alliance)Referenceshttps://patchstack.com/database/vulnerability/user-activity-log/wordpress-user-activity-log-plugin-1-6-2-sql-injection-vulnerability?_s_id=cve