A vulnerability has been found for WPSecurity Audit Log for versions < 4.0.2 .

Broken access control vulnerability affecting version 4.0.1 and below that could lead to privilege escalation, sensitive data exposure and insecure deserialisation.
To exploit the vulnerability, the wizard must not have been completed, otherwise it won’t work

Source: wpvulndb