CVE-2021-24966

The CVE-2021-24966 entry maps to the WordPress plugin Error Log Viewer (

CVE-2023-6821

CVE-2023-6821 affects the WordPress plugin Error Log Viewer by BestWebSoft prior to version 1.1.3. It enables directory listing that allows unauthorized reading and downloading of PHP logs, exposing sensitive data. Public references (NVD/Red Hat/PatchStack) confirm the issue and indicate the fix ...

CVE-2017-18562

CVE-2017-18562 affects the WordPress Error Log Viewer plugin by BestWebSoft prior to version 1.0.6. The connected documents confirm multiple XSS flaws in this plugin, enabling an authenticated attacker to execute arbitrary JavaScript in victims’ browsers (potentially stealing session data or acti...

CVE-2017-2171

CVE-2017-2171 detail: A cross-site scripting vulnerability affects BestWebSoft WordPress plugins that display the BestWebSoft menu. The issue arises from a common function used to render the menu (CWE-79), enabling remote attackers to execute arbitrary script in a logged-in user’s browser. Affect...

CVE-2021-24761

The CVE concerns the WordPress plugin Error Log Viewer (versions prior to 1.1.2). The underlying issue is lack of nonce verification when deleting a log file and absence of path traversal prevention, enabling a logged-in administrator to delete arbitrary text files on the web server. Affected com...