A vulnerability identified as critical has been detected in activity-log WP Sessions Time Monitoring Full Automatic Plugin up to 1.1.4 on WordPress. This vulnerability affects unknown code. This manipulation causes sql injection. This vulnerability is registered as CVE-2026-39581 . Remote exploitation of the attack is possible. No exploit is available.