Lucene search
+L

62 matches found

Cvelist
Cvelist
added 2022/03/14 2:41 p.m.38 views

CVE-2021-24966 Error Log Viewer Plugin <= 1.1.1 - Admin+ Arbitrary File Clearing

The Error Log Viewer WordPress plugin through 1.1.1 does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder...

5.4AI score0.05188EPSS
Exploits5References1
CNNVD
CNNVD
added 2022/02/16 12:0 a.m.7 views

WordPress plugin Error Log Viewer 安全漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. WordPress plugin Error Log Viewer has a...

4.9CVSS5.6AI score0.05188EPSS
Exploits5References4
0day.today
0day.today
added 2022/02/16 12:0 a.m.222 views

WordPress Error Log Viewer 1.1.1 Plugin - Arbitrary File Clearing (Authenticated) Vulnerability

Exploit Title: WordPress Plugin Error Log Viewer 1.1.1 - Arbitrary File Clearing Authenticated Exploit Author: Ceylan Bozogullarindan Exploit Website: https://bozogullarindan.com Vendor Homepage: https://bestwebsoft.com/ Software Link:...

4.9CVSS0.2AI score0.05188EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/02/16 12:0 a.m.206 views

WordPress Error Log Viewer 1.1.1 Arbitrary File Deletion

Exploit Title: WordPress Plugin Error Log Viewer 1.1.1 - Arbitrary File Clearing Authenticated Date: 09-11-2021 Exploit Author: Ceylan Bozogullarindan Exploit Website: https://bozogullarindan.com Vendor Homepage: https://bestwebsoft.com/ Software Link:...

0.2AI score0.05188EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/02/16 12:0 a.m.347 views

WordPress Plugin Error Log Viewer 1.1.1 - Arbitrary File Clearing (Authenticated)

Exploit Title: WordPress Plugin Error Log Viewer 1.1.1 - Arbitrary File Clearing Authenticated Date: 09-11-2021 Exploit Author: Ceylan Bozogullarindan Exploit Website: https://bozogullarindan.com Vendor Homepage: https://bestwebsoft.com/ Software Link:...

4.9CVSS5.2AI score0.05188EPSS
Exploits5
OSV
OSV
added 2022/02/01 1:15 p.m.4 views

CVE-2021-24761

The Error Log Viewer WordPress plugin before 1.1.2 does not perform nonce check when deleting a log file and does not have path traversal prevention, which could allow attackers to make a logged in admin delete arbitrary text files on the web server...

6.5CVSS5.9AI score0.00599EPSS
Exploits2References1
NVD
NVD
added 2022/02/01 1:15 p.m.22 views

CVE-2021-24761

The Error Log Viewer WordPress plugin before 1.1.2 does not perform nonce check when deleting a log file and does not have path traversal prevention, which could allow attackers to make a logged in admin delete arbitrary text files on the web server...

6.5CVSS0.00599EPSS
Exploits2References1
Prion
Prion
added 2022/02/01 1:15 p.m.26 views

Path traversal

The Error Log Viewer WordPress plugin before 1.1.2 does not perform nonce check when deleting a log file and does not have path traversal prevention, which could allow attackers to make a logged in admin delete arbitrary text files on the web server...

4.3CVSS6.5AI score0.00599EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2022/02/01 12:21 p.m.64 views

CVE-2021-24761

The CVE concerns the WordPress plugin Error Log Viewer (versions prior to 1.1.2). The underlying issue is lack of nonce verification when deleting a log file and absence of path traversal prevention, enabling a logged-in administrator to delete arbitrary text files on the web server. Affected com...

6.5CVSS6.5AI score0.00599EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/02/01 12:21 p.m.20 views

CVE-2021-24761 Error Log Viewer < 1.1.2 - Arbitrary Text File Deletion via CSRF

The Error Log Viewer WordPress plugin before 1.1.2 does not perform nonce check when deleting a log file and does not have path traversal prevention, which could allow attackers to make a logged in admin delete arbitrary text files on the web server...

6.7AI score0.00599EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2022/02/01 12:0 a.m.8 views

PT-2022-9457 · WordPress · Error Log Viewer

Name of the Vulnerable Software and Affected Versions: Error Log Viewer WordPress plugin versions prior to 1.1.2 Description: The issue concerns a lack of nonce check when deleting a log file and the absence of path traversal prevention. This could allow attackers to make a logged-in admin delete...

6.5CVSS6.5AI score0.00599EPSS
Exploits2References4
CNNVD
CNNVD
added 2022/02/01 12:0 a.m.7 views

WordPress plugin Error Log Viewer 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A path traversal vulnerability exists in...

6.5CVSS6.6AI score0.00599EPSS
Exploits2References2
WPVulnDB
WPVulnDB
added 2021/12/29 12:0 a.m.16 views

Error Log Viewer < 1.1.2 - Arbitrary Text File Deletion via CSRF

The plugin does not perform nonce check when deleting a log file and does not have path traversal prevention, which could allow attackers to make a logged in admin delete arbitrary text files on the web server. PoC On Web Servers other than Windows, the...

6.5CVSS2.6AI score0.00599EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2021/12/29 12:0 a.m.93 views

Error Log Viewer < 1.1.2 - Arbitrary Text File Deletion via CSRF

The plugin does not perform nonce check when deleting a log file and does not have path traversal prevention, which could allow attackers to make a logged in admin delete arbitrary text files on the web server. On Web Servers other than Windows, the /wp-content/plugins/error-log-viewer/savedlogs/...

6.5CVSS0.9AI score0.00599EPSS
Exploits2
Patchstack
Patchstack
added 2021/12/29 12:0 a.m.18 views

WordPress Error Log Viewer plugin <= 1.1.1 - Arbitrary Text File Deletion via Cross-Site Request Forgery (CSRF) vulnerability

Arbitrary Text File Deletion via Cross-Site Request Forgery CSRF vulnerability discovered by apple502j in WordPress Error Log Viewer plugin versions = 1.1.1. Solution Update the WordPress Error Log Viewer plugin to the latest available version at least 1.1.2...

6.5CVSS3.7AI score0.00599EPSS
Exploits2References3Affected Software1
WPVulnDB
WPVulnDB
added 2021/11/10 12:0 a.m.18 views

Error Log Viewer Plugin <= 1.1.1 - Admin+ Arbitrary File Clearing

The plugin does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder PoC Click the "Log Monitor" available under Error Log Viewer menu item. Choose a log file to clear. Intercept the...

1AI score0.05188EPSS
Exploits5Affected Software1
wpexploit
wpexploit
added 2021/11/10 12:0 a.m.75 views

Error Log Viewer Plugin <= 1.1.1 - Admin+ Arbitrary File Clearing

The plugin does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder Click the "Log Monitor" available under Error Log Viewer menu item. Choose a log file to clear. Intercept the reques...

0.9AI score0.05188EPSS
Exploits5
CNVD
CNVD
added 2019/08/23 12:0 a.m.5 views

WordPress error-log-viewer plugin cross-site scripting vulnerability

WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. error-log-viewer is an error log viewer plugin used in it. A cross-site scripting vulnerability exists in the WordPress...

6.1CVSS6.3AI score0.01384EPSS
Exploits1References1
OSV
OSV
added 2019/08/21 7:15 p.m.4 views

CVE-2017-18562

The error-log-viewer plugin before 1.0.6 for WordPress has multiple XSS issues...

6.1CVSS5.8AI score0.01384EPSS
Exploits1References1
Prion
Prion
added 2019/08/21 7:15 p.m.13 views

Cross site scripting

The error-log-viewer plugin before 1.0.6 for WordPress has multiple XSS issues...

4.3CVSS6AI score0.01384EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder