6 matches found
CVE-2021-24966 Error Log Viewer Plugin <= 1.1.1 - Admin+ Arbitrary File Clearing
The Error Log Viewer WordPress plugin through 1.1.1 does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder...
CVE-2021-24966
The CVE-2021-24966 entry maps to the WordPress plugin Error Log Viewer (
WordPress Plugin Error Log Viewer 1.1.1 - Arbitrary File Clearing (Authenticated)
Exploit Title: WordPress Plugin Error Log Viewer 1.1.1 - Arbitrary File Clearing Authenticated Date: 09-11-2021 Exploit Author: Ceylan Bozogullarindan Exploit Website: https://bozogullarindan.com Vendor Homepage: https://bestwebsoft.com/ Software Link:...
WordPress Error Log Viewer 1.1.1 Plugin - Arbitrary File Clearing (Authenticated) Vulnerability
Exploit Title: WordPress Plugin Error Log Viewer 1.1.1 - Arbitrary File Clearing Authenticated Exploit Author: Ceylan Bozogullarindan Exploit Website: https://bozogullarindan.com Vendor Homepage: https://bestwebsoft.com/ Software Link:...
Error Log Viewer Plugin <= 1.1.1 - Admin+ Arbitrary File Clearing
The plugin does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder PoC Click the "Log Monitor" available under Error Log Viewer menu item. Choose a log file to clear. Intercept the...
Error Log Viewer Plugin <= 1.1.1 - Admin+ Arbitrary File Clearing
The plugin does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder Click the "Log Monitor" available under Error Log Viewer menu item. Choose a log file to clear. Intercept the reques...