Lucene search
K

62 matches found

Vulnrichment
Vulnrichment
added 2025/04/11 8:43 a.m.4 views

CVE-2025-32681 WordPress Error Log Viewer By WP Guru plugin <= 1.0.5 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Guru Error Log Viewer allows Blind SQL Injection. This issue affects Error Log Viewer: from n/a through 1.0.5...

8.5CVSS7.6AI score0.0043EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/11 12:0 a.m.3 views

WordPress plugin Error Log Viewer SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...

8.5CVSS9AI score0.0043EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/04/11 12:0 a.m.7 views

PT-2025-16098 · Unknown · Error Log Viewer

Name of the Vulnerable Software and Affected Versions: Error Log Viewer versions 1.0.5 and earlier Description: The issue is related to an SQL Injection vulnerability, specifically a Blind SQL Injection, due to the improper neutralization of special elements used in an SQL command. This allows fo...

8.5CVSS9AI score0.0043EPSS
Exploits0References7
NVD
NVD
added 2025/01/07 6:15 a.m.15 views

CVE-2024-12849

The Error Log Viewer By WP Guru plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.0.1.3 via the wpajaxnoprivelvwplogdownload AJAX action. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, whi...

7.5CVSS0.47137EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/01/07 5:23 a.m.11 views

CVE-2024-12849 Error Log Viewer By WP Guru <= 1.0.1.3 - Missing Authorization to Unauthenticated Arbitrary File Read

The Error Log Viewer By WP Guru plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.0.1.3 via the wpajaxnoprivelvwplogdownload AJAX action. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, whi...

7.5CVSS7.4AI score0.47137EPSS
Exploits1References4
CVE
CVE
added 2025/01/07 5:23 a.m.95 views

CVE-2024-12849

The Error Log Viewer By WP Guru WordPress plugin (up to version 1.0.1.3) is affected by an Arbitrary File Read through the wp_ajax_nopriv_elvwp_log_download action. Unauthenticated attackers can read arbitrary server files, exposing sensitive data. Remediation: upgrade the plugin to a version new...

7.5CVSS7.4AI score0.47137EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/01/07 12:0 a.m.14 views

PT-2025-1964 · Wp Guru · Error Log Viewer By Wp Guru

Name of the Vulnerable Software and Affected Versions: Error Log Viewer By WP Guru plugin for WordPress versions up to, and including, 1.0.1.3 Description: The issue allows unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information, vi...

7.5CVSS7AI score0.47137EPSS
Exploits1References8
CNNVD
CNNVD
added 2025/01/07 12:0 a.m.15 views

WordPress plugin Error Log Viewer By WP Guru 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A path traversal vulnerability exists in...

7.5CVSS7.9AI score0.47137EPSS
Exploits1References4
Patchstack
Patchstack
added 2025/01/06 7:7 p.m.11 views

WordPress Error Log Viewer plugin <= 1.0.1.3 - Missing Authorization to Unauthenticated Arbitrary File Read vulnerability

Missing Authorization to Unauthenticated Arbitrary File Read vulnerability discovered by yudha in WordPress Plugin Error Log Viewer versions = 1.0.1.3...

7.5CVSS7AI score0.47137EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/03/19 12:0 a.m.10 views

WordPress Error Log Viewer by BestWebSoft Plugin < 1.1.3 is vulnerable to Sensitive Data Exposure

Software Error Log Viewer by BestWebSoft Type Plugin Vulnerable versions 1.1.3 Fixed in 1.1.3 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-6821 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID 5e5f4366a821 Credits Dmitrii...

6.5AI score0.00587EPSS
Exploits2References3Affected Software1
OSV
OSV
added 2024/03/18 7:15 p.m.4 views

CVE-2023-6821

The Error Log Viewer by BestWebSoft WordPress plugin before 1.1.3 is affected by a Directory Listing issue, allowing users to read and download PHP logs without authorization...

6.5CVSS7.3AI score0.00587EPSS
Exploits2References1
CVE
CVE
added 2024/03/18 7:5 p.m.79 views

CVE-2023-6821

CVE-2023-6821 affects the WordPress plugin Error Log Viewer by BestWebSoft prior to version 1.1.3. It enables directory listing that allows unauthorized reading and downloading of PHP logs, exposing sensitive data. Public references (NVD/Red Hat/PatchStack) confirm the issue and indicate the fix ...

6.5CVSS9.3AI score0.00587EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/18 7:5 p.m.12 views

CVE-2023-6821 Error Log Viewer < 1.1.3 - Directory Listing to Sensitive Data Exposure

The Error Log Viewer by BestWebSoft WordPress plugin before 1.1.3 is affected by a Directory Listing issue, allowing users to read and download PHP logs without authorization...

6.6AI score0.00587EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/03/18 7:5 p.m.32 views

CVE-2023-6821 Error Log Viewer < 1.1.3 - Directory Listing to Sensitive Data Exposure

The Error Log Viewer by BestWebSoft WordPress plugin before 1.1.3 is affected by a Directory Listing issue, allowing users to read and download PHP logs without authorization...

6.6AI score0.00587EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2024/02/27 12:0 a.m.6 views

PT-2024-15099 · Bestwebsoft · Error Log Viewer

Name of the Vulnerable Software and Affected Versions: The Error Log Viewer by BestWebSoft WordPress plugin versions prior to 1.1.3 Description: The issue allows users to read and download PHP logs without authorization, potentially exposing sensitive data. This is a Directory Listing issue...

6.5CVSS9.5AI score0.00587EPSS
Exploits2References8
wpexploit
wpexploit
added 2024/02/20 12:0 a.m.133 views

Error Log Viewer < 1.1.3 - Directory Listing to Sensitive Data Exposure

Description The plugin contains a vulnerability that allows you to read and download PHP logs without authorization 1 Admin should click on "Save as TXT file" in http://yoursite/wordpress/wp-admin/admin.php?page=rrrlgvwr-monitor.php 2 Then someone else can go to...

8.7AI score0.00587EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2024/02/20 12:0 a.m.22 views

Error Log Viewer < 1.1.3 - Directory Listing to Sensitive Data Exposure

Description The plugin contains a vulnerability that allows you to read and download PHP logs without authorization PoC 1 Admin should click on "Save as TXT file" in http://yoursite/wordpress/wp-admin/admin.php?page=rrrlgvwr-monitor.php 2 Then someone else can go to...

8.6AI score0.00587EPSS
Exploits2References1Affected Software1
NVD
NVD
added 2022/03/14 3:15 p.m.32 views

CVE-2021-24966

The Error Log Viewer WordPress plugin through 1.1.1 does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder...

4.9CVSS0.05188EPSS
Exploits5References1
Prion
Prion
added 2022/03/14 3:15 p.m.22 views

Path traversal

The Error Log Viewer WordPress plugin through 1.1.1 does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder...

4CVSS5AI score0.05188EPSS
Exploits5References1Affected Software1
Cvelist
Cvelist
added 2022/03/14 2:41 p.m.36 views

CVE-2021-24966 Error Log Viewer Plugin <= 1.1.1 - Admin+ Arbitrary File Clearing

The Error Log Viewer WordPress plugin through 1.1.1 does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder...

5.4AI score0.05188EPSS
Exploits5References1
Rows per page
Query Builder