Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qriouslad vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2025-3809
The Debug Log Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the auto-refresh debug log in all versions up to, and including, 2.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated malicious user...
Qriouslad Debug Log Manager
6.1
CVSSv3
CVE-2024-12299
The System Dashboard plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the Filename parameter in all versions up to, and including, 2.8.15 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated malicious users...
Qriouslad System Dashboard
Bowo System Dashboard
4.3
CVSSv3
CVE-2023-5714
The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sd_db_specs() function hooked via an AJAX action in all versions up to, and including, 2.8.7. This makes it possible for authenticated attackers, with s...
Qriouslad System Dashboard
Bowo System Dashboard
4.3
CVSSv3
CVE-2023-5710
The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sd_constants() function hooked via an AJAX action in all versions up to, and including, 2.8.7. This makes it possible for authenticated attackers, with ...
Qriouslad System Dashboard
Bowo System Dashboard
4.3
CVSSv3
CVE-2023-5712
The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sd_global_value() function hooked via an AJAX action in all versions up to, and including, 2.8.7. This makes it possible for authenticated attackers, wi...
Qriouslad System Dashboard
Bowo System Dashboard
4.9
CVSSv3
CVE-2023-5816
The Code Explorer plugin for WordPress is vulnerable to arbitrary external file reading in all versions up to, and including, 1.4.5. This is due to the fact that the plugin does not restrict accessing files to those outside of the WordPress instance, though the intention of the p...
Qriouslad Code Explorer
Bowo Code Explorer
4.3
CVSSv3
CVE-2023-5711
The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sd_php_info() function hooked via an AJAX action in all versions up to, and including, 2.8.7. This makes it possible for authenticated attackers, with s...
Qriouslad System Dashboard
Bowo System Dashboard
4.3
CVSSv3
CVE-2023-5713
The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sd_option_value() function hooked via an AJAX action in all versions up to, and including, 2.8.7. This makes it possible for authenticated attackers, wi...
Qriouslad System Dashboard
Bowo System Dashboard
4.3
CVSSv3
CVE-2023-5772
The Debug Log Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.1. This is due to missing or incorrect nonce validation on the clear_log() function. This makes it possible for unauthenticated malicious users to clea...
Qriouslad Debug Log Manager
Bowo Debug Log Manager
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
asterisk
wire-webapp
CVE-2025-4692
cyberdava
CVE-2024-13950
CVE-2025-40775
mobile dynamix
CVE-2024-13949
CVE-2024-13948
CVE-2025-4664
remote attackers
unauthorized
hard-coded
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
Vulmon