Error Log Viewer < 1.1.3 – Directory Listing to Sensitive Data Exposure | CVE 2023-6821

Description

The plugin is affected by a Directory Listing issue, allowing users to read and download PHP logs without authorization

Proof of Concept

1) Admin should click on "Save as TXT file" in http://your_site/wordpress/wp-admin/admin.php?page=rrrlgvwr-monitor.php
2) Then someone else can go to wordpress/wp-content/plugins/error-log-viewer/saved_logs and download log file from Index of Title

Affects Plugins

error-log-viewer

Fixed in 1.1.3

References

CVE

CVE-2023-6821

URL

https://research.cleantalk.org/cve-2023-6821/

Classification

Type

SENSITIVE DATA DISCLOSURE

OWASP top 10

A3: Sensitive Data Exposure

CWE

CWE-200

CVSS

3.7 (low)

Miscellaneous

Original Researcher

Dmitrii Ignatyev

Submitter

Dmitrii Ignatyev

Submitter website

https://research.cleantalk.org

Verified

Yes

WPVDB ID

6b1a998d-c97c-4305-b12a-69e29408ebd9

Timeline

Publicly Published

2024-02-20 (about 1 year ago)

Added

2024-02-20 (about 1 year ago)

Last Updated

2024-08-29 (about 1 year ago)

Other

Published

Title

Published

2022-01-03

Title

Document Embedder < 1.7.9 - Subscriber+ Arbitrary Private/Draft Post Title Disclosure

Published

2024-03-05

Title

Backup and Restore WordPress < 1.50 - Unauthenticated Sensitive Data Exposure

Published

2025-05-16

Title

Plant - Gardening & Houseplants WordPress Theme <= 1.0.0 - Unauthenticated Information Exposure

Published

2024-04-22

Title

Email Customizer for WooCommerce | Drag and Drop Email Templates Builder < 2.6.1 - Information Exposure

Published

2024-04-05

Title

FG Drupal to WordPress < 3.71.0 - Sensitive Information Exposure