CVE-2022-33757

An authenticated attacker could read Nessus Debug Log file attachments from the web UI without having the correct privileges to do so. This may lead to the disclosure of information on the scan target and/or the Nessus scan to unauthorized parties able to reach the Nessus instance...

CVE-2022-29806

ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability...

CVE-2021-32767

TYPO3 is an open source PHP based web content management system. In versions 9.0.0 through 9.5.27, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0, user credentials may been logged as plain-text. This occurs when explicitly using log level debug, which is not the default configuration. TYPO3...

CVE-2018-20586

bitcoind and Bitcoin-Qt prior to 0.17.1 allow injection of arbitrary data into the debug log via an RPC call...

CVE-2025-23145

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in canacceptnewsubflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcpcanacceptnewsubflow' because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...

NPM Debug Log File Detected

An NPM debug log file have been detected on the target web application. These files may contain sensitive information which could assist an attack to conduct further attacks. No source data...

CVE-2025-3809

The Debug Log Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the auto-refresh debug log in all versions up to, and including, 2.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...

CVE-2025-32613

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bowo Debug Log Manager debug-log-manager allows Stored XSS.This issue affects Debug Log Manager: from n/a through = 2.3.4...

CVE-2025-3809 Debug Log Manager <= 2.3.4 - Unauthenticated Stored Cross-Site Scripting

The Debug Log Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the auto-refresh debug log in all versions up to, and including, 2.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...

CVE-2025-3809

The CVE-2025-3809 entry concerns the WordPress Debug Log Manager plugin, which has an unauthenticated Stored XSS vulnerability in the auto-refresh debug log feature. Affected versions include all up to and including 2.3.4, with exploitation enabling injection of scripts that run when users open t...

CVE-2025-3809 Debug Log Manager <= 2.3.4 - Unauthenticated Stored Cross-Site Scripting

The Debug Log Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the auto-refresh debug log in all versions up to, and including, 2.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...

WordPress plugin Debug Log Manager 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

PT-2025-17358 · WordPress · Debug Log Manager

Name of the Vulnerable Software and Affected Versions: Debug Log Manager plugin for WordPress versions up to, and including, 2.3.4 Description: The issue is related to Stored Cross-Site Scripting via the auto-refresh debug log due to insufficient input sanitization and output escaping. This allow...

CVE-2025-32613

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bowo Debug Log Manager debug-log-manager allows Stored XSS.This issue affects Debug Log Manager: from n/a through = 2.3.4...

CVE-2025-32613 WordPress Debug Log Manager plugin <= 2.3.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bowo Debug Log Manager debug-log-manager allows Stored XSS.This issue affects Debug Log Manager: from n/a through = 2.3.4...

CVE-2025-32613

The CVE-2025-32613 issue affects Bowo Debug Log Manager up to version 2.3.4, with Stored XSS caused by improper neutralization of input during web page generation. The PT-2025-17139 entry confirms the vulnerability and recommends updating to a fixed version, though no specific patched version is ...

CVE-2025-32613 WordPress Debug Log Manager plugin <= 2.3.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bowo Debug Log Manager allows Stored XSS. This issue affects Debug Log Manager: from n/a through 2.3.4...

WordPress plugin Debug Log Manager 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

PT-2025-17139 · Unknown · Bowo Debug Log Manager

Name of the Vulnerable Software and Affected Versions: Bowo Debug Log Manager versions through 2.3.4 Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting XSS. This means that an attacker can inject malicious...

CVE-2025-27391

CVE-2025-27391 affects Apache ActiveMQ Artemis. When debug logging is enabled for the broker, the system logs all broker property values via the ConfigurationImpl logger, potentially exposing sensitive information. Affected versions are from 1.5.1 up to (but not including) 2.40.0. Impact is expos...