62 matches found
CVE-2025-32681 WordPress Error Log Viewer By WP Guru plugin <= 1.0.5 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Guru Error Log Viewer allows Blind SQL Injection. This issue affects Error Log Viewer: from n/a through 1.0.5...
WordPress plugin Error Log Viewer SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...
PT-2025-16098 · Unknown · Error Log Viewer
Name of the Vulnerable Software and Affected Versions: Error Log Viewer versions 1.0.5 and earlier Description: The issue is related to an SQL Injection vulnerability, specifically a Blind SQL Injection, due to the improper neutralization of special elements used in an SQL command. This allows fo...
CVE-2024-12849
The Error Log Viewer By WP Guru plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.0.1.3 via the wpajaxnoprivelvwplogdownload AJAX action. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, whi...
CVE-2024-12849 Error Log Viewer By WP Guru <= 1.0.1.3 - Missing Authorization to Unauthenticated Arbitrary File Read
The Error Log Viewer By WP Guru plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.0.1.3 via the wpajaxnoprivelvwplogdownload AJAX action. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, whi...
CVE-2024-12849
The Error Log Viewer By WP Guru WordPress plugin (up to version 1.0.1.3) is affected by an Arbitrary File Read through the wp_ajax_nopriv_elvwp_log_download action. Unauthenticated attackers can read arbitrary server files, exposing sensitive data. Remediation: upgrade the plugin to a version new...
PT-2025-1964 · Wp Guru · Error Log Viewer By Wp Guru
Name of the Vulnerable Software and Affected Versions: Error Log Viewer By WP Guru plugin for WordPress versions up to, and including, 1.0.1.3 Description: The issue allows unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information, vi...
WordPress plugin Error Log Viewer By WP Guru 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A path traversal vulnerability exists in...
WordPress Error Log Viewer plugin <= 1.0.1.3 - Missing Authorization to Unauthenticated Arbitrary File Read vulnerability
Missing Authorization to Unauthenticated Arbitrary File Read vulnerability discovered by yudha in WordPress Plugin Error Log Viewer versions = 1.0.1.3...
WordPress Error Log Viewer by BestWebSoft Plugin < 1.1.3 is vulnerable to Sensitive Data Exposure
Software Error Log Viewer by BestWebSoft Type Plugin Vulnerable versions 1.1.3 Fixed in 1.1.3 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-6821 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID 5e5f4366a821 Credits Dmitrii...
CVE-2023-6821
The Error Log Viewer by BestWebSoft WordPress plugin before 1.1.3 is affected by a Directory Listing issue, allowing users to read and download PHP logs without authorization...
CVE-2023-6821
CVE-2023-6821 affects the WordPress plugin Error Log Viewer by BestWebSoft prior to version 1.1.3. It enables directory listing that allows unauthorized reading and downloading of PHP logs, exposing sensitive data. Public references (NVD/Red Hat/PatchStack) confirm the issue and indicate the fix ...
CVE-2023-6821 Error Log Viewer < 1.1.3 - Directory Listing to Sensitive Data Exposure
The Error Log Viewer by BestWebSoft WordPress plugin before 1.1.3 is affected by a Directory Listing issue, allowing users to read and download PHP logs without authorization...
CVE-2023-6821 Error Log Viewer < 1.1.3 - Directory Listing to Sensitive Data Exposure
The Error Log Viewer by BestWebSoft WordPress plugin before 1.1.3 is affected by a Directory Listing issue, allowing users to read and download PHP logs without authorization...
PT-2024-15099 · Bestwebsoft · Error Log Viewer
Name of the Vulnerable Software and Affected Versions: The Error Log Viewer by BestWebSoft WordPress plugin versions prior to 1.1.3 Description: The issue allows users to read and download PHP logs without authorization, potentially exposing sensitive data. This is a Directory Listing issue...
Error Log Viewer < 1.1.3 - Directory Listing to Sensitive Data Exposure
Description The plugin contains a vulnerability that allows you to read and download PHP logs without authorization 1 Admin should click on "Save as TXT file" in http://yoursite/wordpress/wp-admin/admin.php?page=rrrlgvwr-monitor.php 2 Then someone else can go to...
Error Log Viewer < 1.1.3 - Directory Listing to Sensitive Data Exposure
Description The plugin contains a vulnerability that allows you to read and download PHP logs without authorization PoC 1 Admin should click on "Save as TXT file" in http://yoursite/wordpress/wp-admin/admin.php?page=rrrlgvwr-monitor.php 2 Then someone else can go to...
CVE-2021-24966
The Error Log Viewer WordPress plugin through 1.1.1 does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder...
Path traversal
The Error Log Viewer WordPress plugin through 1.1.1 does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder...
CVE-2021-24966 Error Log Viewer Plugin <= 1.1.1 - Admin+ Arbitrary File Clearing
The Error Log Viewer WordPress plugin through 1.1.1 does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder...