CVE-2021-24966

The Error Log Viewer WordPress plugin through 1.1.1 does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:bestwebsoft:error_log_viewer:*:*:*:*:*:wordpress:*:*

Information

Published : 2022-03-14 08:15

Updated : 2022-03-19 20:30


NVD link : CVE-2021-24966

Mitre link : CVE-2021-24966


JSON object : View

CWE
CWE-73

External Control of File Name or Path

Advertisement

dedicated server usa

Products Affected

bestwebsoft

  • error_log_viewer