The Error Log Viewer WordPress plugin prior to 1.1.2 does not perform nonce check when deleting a log file and does not have path traversal prevention, which could allow malicious users to make a logged in admin delete arbitrary text files on the web server.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bestwebsoft error log viewer |