WordPress Plugin Vulnerabilities
Debug Log Manager < 2.3.0 - Sensitive Logs Exposure
Description
The plugin contains a Directory listing vulnerability was discovered, which allows you to download the debug log without authorization and gain access to sensitive data
Proof of Concept
https://your_site/wordpress/wp-content/uploads/debug-log-manager/
Affects Plugins
References
Classification
Type
SENSITIVE DATA DISCLOSURE
OWASP top 10
CWE
Miscellaneous
Original Researcher
Dmitrii Ignatyev
Submitter
Dmitrii Ignatyev
Submitter website
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2023-12-13 (about 5 months ago)
Added
2023-12-13 (about 5 months ago)
Last Updated
2023-12-14 (about 4 months ago)