The Error Log Viewer by BestWebSoft WordPress plugin prior to 1.1.3 contains a vulnerability that allows you to read and download PHP logs without authorization