81 matches found
CVE-2025-3809
The Debug Log Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the auto-refresh debug log in all versions up to, and including, 2.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...
CVE-2025-32613
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bowo Debug Log Manager debug-log-manager allows Stored XSS.This issue affects Debug Log Manager: from n/a through = 2.3.4...
CVE-2025-3809 Debug Log Manager <= 2.3.4 - Unauthenticated Stored Cross-Site Scripting
The Debug Log Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the auto-refresh debug log in all versions up to, and including, 2.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...
CVE-2025-3809
The CVE-2025-3809 entry concerns the WordPress Debug Log Manager plugin, which has an unauthenticated Stored XSS vulnerability in the auto-refresh debug log feature. Affected versions include all up to and including 2.3.4, with exploitation enabling injection of scripts that run when users open t...
CVE-2025-3809 Debug Log Manager <= 2.3.4 - Unauthenticated Stored Cross-Site Scripting
The Debug Log Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the auto-refresh debug log in all versions up to, and including, 2.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...
PT-2025-17358 · WordPress · Debug Log Manager
Name of the Vulnerable Software and Affected Versions: Debug Log Manager plugin for WordPress versions up to, and including, 2.3.4 Description: The issue is related to Stored Cross-Site Scripting via the auto-refresh debug log due to insufficient input sanitization and output escaping. This allow...
WordPress plugin Debug Log Manager 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
CVE-2025-32613
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bowo Debug Log Manager debug-log-manager allows Stored XSS.This issue affects Debug Log Manager: from n/a through = 2.3.4...
CVE-2025-32613 WordPress Debug Log Manager plugin <= 2.3.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bowo Debug Log Manager debug-log-manager allows Stored XSS.This issue affects Debug Log Manager: from n/a through = 2.3.4...
CVE-2025-32613 WordPress Debug Log Manager plugin <= 2.3.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bowo Debug Log Manager allows Stored XSS. This issue affects Debug Log Manager: from n/a through 2.3.4...
CVE-2025-32613
The CVE-2025-32613 issue affects Bowo Debug Log Manager up to version 2.3.4, with Stored XSS caused by improper neutralization of input during web page generation. The PT-2025-17139 entry confirms the vulnerability and recommends updating to a fixed version, though no specific patched version is ...
PT-2025-17139 · Unknown · Bowo Debug Log Manager
Name of the Vulnerable Software and Affected Versions: Bowo Debug Log Manager versions through 2.3.4 Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting XSS. This means that an attacker can inject malicious...
WordPress plugin Debug Log Manager 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
CVE-2024-32582
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bowo Debug Log Manager allows Stored XSS.This issue affects Debug Log Manager: from n/a through 2.3.1...
Debug Log Manager < 2.3.2 - Missing Authorization
Description The Debug Log Manager plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the getlatestentries and disablewpfileeditor functions in versions up to, and including, 2.3.1. This makes it possible for authenticated...
CVE-2024-35669
Missing Authorization vulnerability in Bowo Debug Log Manager.This issue affects Debug Log Manager: from n/a through 2.3.1...
CVE-2024-35669 WordPress Debug Log Manager plugin <= 2.3.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Bowo Debug Log Manager.This issue affects Debug Log Manager: from n/a through 2.3.1...
CVE-2024-35669 WordPress Debug Log Manager plugin <= 2.3.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Bowo Debug Log Manager.This issue affects Debug Log Manager: from n/a through 2.3.1...
CVE-2024-35669
CVE-2024-35669 is a Missing Authorization flaw in the WordPress plugin Debug Log Manager, affecting versions up to 2.3.1. The CVSSv3.1 base score is 8.8 (High). The connected Wordfence entry shows the vulnerability patch as Patched (no exploitation details provided). Monitor for updates and verif...
WordPress plugin Debug Log Manager security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...