CVE-2021-24966
Error Log Viewer Plugin <= 1.1.1 - Admin+ Arbitrary File Clearing
The Error Log Viewer WordPress plugin through 1.1.1 does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder
Affected products
Unknown · Error Log Viewer by BestWebSoftpublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/50746unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →