WordPress Debug Log Viewer plugin <= 2.0.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Debug Log Viewer versions = 2.0.3...

U.S. Dept Of Defense: Information Disclosure via Publicly Accessible Debug Log

A publicly accessible WordPress debug log file was discovered on the target system. The log file contained PHP warnings and deprecated notices that disclosed sensitive server paths and plugin details. This exposure may have assisted an attacker in fingerprinting the environment or exploiting know...

CVE-2025-32613 WordPress Debug Log Manager plugin <= 2.3.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bowo Debug Log Manager debug-log-manager allows Stored XSS.This issue affects Debug Log Manager: from n/a through = 2.3.4...

PT-2024-36843 · WordPress · Cf7 Google Sheets Connector

Name of the Vulnerable Software and Affected Versions: CF7 Google Sheets Connector plugin for WordPress versions up to, and including, 5.0.9 Description: The issue is related to a missing capability check on the execute post data cg7 free function, allowing unauthenticated attackers to modify dat...

WordPress Debug Log Manager Plugin <= 2.3.1 is vulnerable to Broken Access Control

Software Debug Log Manager Type Plugin Vulnerable versions = 2.3.1 Fixed in 2.3.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-35669 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID dd8601aecb9c Credits Majed Refaea Required...

WordPress Debug Log – Manger Tool Plugin <= 1.4.5 is vulnerable to Sensitive Data Exposure

Software Debug Log – Manger Tool Type Plugin Vulnerable versions = 1.4.5 Fixed in 1.5 OWASP Top 10 A5: Security Misconfiguration Classification Sensitive Data Exposure CVE CVE-2024-34798 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 669450ad8391 Credits emad Required...

WordPress Debug Log Manager Plugin <= 2.3.1 is vulnerable to Broken Access Control

Software Debug Log Manager Type Plugin Vulnerable versions = 2.3.1 Fixed in 2.3.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-33915 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID efb3a7ad5830 Credits Dhabaleshwar Das Required...

WordPress Debug Log Manager Plugin <= 2.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Debug Log Manager Type Plugin Vulnerable versions = 2.3.1 Fixed in 2.3.2 OWASP Top 10 A4: Insecure Design Classification Cross Site Scripting XSS CVE CVE-2024-32582 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1f92fe55cb9f Credits Majed Refaea Required...

WordPress Debug Log Manager Plugin <= 2.2.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Debug Log Manager Type Plugin Vulnerable versions = 2.2.1 Fixed in 2.2.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-5772 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f9180ed4b5d0 Credits Dmitrii Ignatyev...

WordPress Debug Log Manager Plugin <= 2.3.0 is vulnerable to Sensitive Data Exposure

Software Debug Log Manager Type Plugin Vulnerable versions = 2.3.0 Fixed in 2.3.1 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2023-6136 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 1d071b872ee6 Credits Joshua...