62 matches found
CVE-2021-24966 Error Log Viewer Plugin <= 1.1.1 - Admin+ Arbitrary File Clearing
The Error Log Viewer WordPress plugin through 1.1.1 does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder...
WordPress plugin Error Log Viewer 安全漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. WordPress plugin Error Log Viewer has a...
WordPress Error Log Viewer 1.1.1 Plugin - Arbitrary File Clearing (Authenticated) Vulnerability
Exploit Title: WordPress Plugin Error Log Viewer 1.1.1 - Arbitrary File Clearing Authenticated Exploit Author: Ceylan Bozogullarindan Exploit Website: https://bozogullarindan.com Vendor Homepage: https://bestwebsoft.com/ Software Link:...
WordPress Error Log Viewer 1.1.1 Arbitrary File Deletion
Exploit Title: WordPress Plugin Error Log Viewer 1.1.1 - Arbitrary File Clearing Authenticated Date: 09-11-2021 Exploit Author: Ceylan Bozogullarindan Exploit Website: https://bozogullarindan.com Vendor Homepage: https://bestwebsoft.com/ Software Link:...
WordPress Plugin Error Log Viewer 1.1.1 - Arbitrary File Clearing (Authenticated)
Exploit Title: WordPress Plugin Error Log Viewer 1.1.1 - Arbitrary File Clearing Authenticated Date: 09-11-2021 Exploit Author: Ceylan Bozogullarindan Exploit Website: https://bozogullarindan.com Vendor Homepage: https://bestwebsoft.com/ Software Link:...
CVE-2021-24761
The Error Log Viewer WordPress plugin before 1.1.2 does not perform nonce check when deleting a log file and does not have path traversal prevention, which could allow attackers to make a logged in admin delete arbitrary text files on the web server...
CVE-2021-24761
The Error Log Viewer WordPress plugin before 1.1.2 does not perform nonce check when deleting a log file and does not have path traversal prevention, which could allow attackers to make a logged in admin delete arbitrary text files on the web server...
Path traversal
The Error Log Viewer WordPress plugin before 1.1.2 does not perform nonce check when deleting a log file and does not have path traversal prevention, which could allow attackers to make a logged in admin delete arbitrary text files on the web server...
CVE-2021-24761
The CVE concerns the WordPress plugin Error Log Viewer (versions prior to 1.1.2). The underlying issue is lack of nonce verification when deleting a log file and absence of path traversal prevention, enabling a logged-in administrator to delete arbitrary text files on the web server. Affected com...
CVE-2021-24761 Error Log Viewer < 1.1.2 - Arbitrary Text File Deletion via CSRF
The Error Log Viewer WordPress plugin before 1.1.2 does not perform nonce check when deleting a log file and does not have path traversal prevention, which could allow attackers to make a logged in admin delete arbitrary text files on the web server...
PT-2022-9457 · WordPress · Error Log Viewer
Name of the Vulnerable Software and Affected Versions: Error Log Viewer WordPress plugin versions prior to 1.1.2 Description: The issue concerns a lack of nonce check when deleting a log file and the absence of path traversal prevention. This could allow attackers to make a logged-in admin delete...
WordPress plugin Error Log Viewer 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A path traversal vulnerability exists in...
Error Log Viewer < 1.1.2 - Arbitrary Text File Deletion via CSRF
The plugin does not perform nonce check when deleting a log file and does not have path traversal prevention, which could allow attackers to make a logged in admin delete arbitrary text files on the web server. PoC On Web Servers other than Windows, the...
Error Log Viewer < 1.1.2 - Arbitrary Text File Deletion via CSRF
The plugin does not perform nonce check when deleting a log file and does not have path traversal prevention, which could allow attackers to make a logged in admin delete arbitrary text files on the web server. On Web Servers other than Windows, the /wp-content/plugins/error-log-viewer/savedlogs/...
WordPress Error Log Viewer plugin <= 1.1.1 - Arbitrary Text File Deletion via Cross-Site Request Forgery (CSRF) vulnerability
Arbitrary Text File Deletion via Cross-Site Request Forgery CSRF vulnerability discovered by apple502j in WordPress Error Log Viewer plugin versions = 1.1.1. Solution Update the WordPress Error Log Viewer plugin to the latest available version at least 1.1.2...
Error Log Viewer Plugin <= 1.1.1 - Admin+ Arbitrary File Clearing
The plugin does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder PoC Click the "Log Monitor" available under Error Log Viewer menu item. Choose a log file to clear. Intercept the...
Error Log Viewer Plugin <= 1.1.1 - Admin+ Arbitrary File Clearing
The plugin does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder Click the "Log Monitor" available under Error Log Viewer menu item. Choose a log file to clear. Intercept the reques...
WordPress error-log-viewer plugin cross-site scripting vulnerability
WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. error-log-viewer is an error log viewer plugin used in it. A cross-site scripting vulnerability exists in the WordPress...
CVE-2017-18562
The error-log-viewer plugin before 1.0.6 for WordPress has multiple XSS issues...
Cross site scripting
The error-log-viewer plugin before 1.0.6 for WordPress has multiple XSS issues...