CVE-2025-9888

CVE-2025-9888 affects the Maspik – Ultimate Spam Protection WordPress plugin. According to connected sources, versions up to and including 2.5.6 are vulnerable to Cross-Site Request Forgery due to missing or incorrect nonce validation in the clear_log function. This (unauthenticated) vulnerabilit...

CVE-2025-9888 Maspik <= 2.5.6 - Cross-Site Request Forgery

The Maspik – Ultimate Spam Protection plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.5.6. This is due to missing or incorrect nonce validation on the clearlog function. This makes it possible for unauthenticated attackers to clear all spam...

PT-2025-37024

Name of the Vulnerable Software and Affected Versions: Maspik – Ultimate Spam Protection plugin for WordPress versions through 2.5.6 Description: The Maspik – Ultimate Spam Protection plugin for WordPress is susceptible to a Cross-Site Request Forgery issue. This is due to insufficient or incorre...

WordPress plugin Maspik – Ultimate Spam Protection 跨站请求伪造漏洞

WordPress Heateor Maspik - Ultimate Spam Protection plugin is an anti-spam plugin designed specifically for WordPress that protects contact forms, comment areas and signup forms from spam through a variety of technical means. The WordPress Maspik - Ultimate Spam Protection plugin suffers from a...

CVE-2025-6720

The Vchasno Kasa plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the clearalllog function in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to clear log files...

CVE-2023-5772

The Debug Log Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.1. This is due to missing or incorrect nonce validation on the clearlog function. This makes it possible for unauthenticated attackers to clear the debug log via a forg...

PT-2023-32314 · WordPress · Debug Log Manager

Name of the Vulnerable Software and Affected Versions: Debug Log Manager plugin for WordPress versions up to, and including, 2.2.1 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the clear log function. This allows unauthenticated...

CVE-2023-48087

xxl-job-admin 2.4.0 is vulnerable to Insecure Permissions via /xxl-job-admin/joblog/clearLog and /xxl-job-admin/joblog/logDetailCat...

To modify log file properties protect yourself will not be the administrator found-vulnerability warning-the black bar safety net

The log file location is actually stored in the registry,as long as we modify its attributes to mask their intrusion traces, Here only modify the default location,the log size of the property,such as log size 0 0 0 0 0 0 0 1,so that it can not be normal recording, So if you can perfect guarantee...