VYPR

Error Log Viewer

by WordPress

Source repositories

CVEs (5)

  • CVE-2025-32681HigApr 11, 2025
    risk 0.55cvss 8.5epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Guru Error Log Viewer error-log-viewer-wp allows Blind SQL Injection.This issue affects Error Log Viewer: from n/a through <= 1.0.5.

  • CVE-2021-24761MedFeb 1, 2022
    risk 0.42cvss 6.5epss 0.01

    The Error Log Viewer WordPress plugin before 1.1.2 does not perform nonce check when deleting a log file and does not have path traversal prevention, which could allow attackers to make a logged in admin delete arbitrary text files on the web server.

  • CVE-2017-18562MedAug 21, 2019
    risk 0.40cvss 6.1epss 0.01

    The error-log-viewer plugin before 1.0.6 for WordPress has multiple XSS issues.

  • CVE-2021-24966MedMar 14, 2022
    risk 0.35cvss 4.9epss 0.05

    The Error Log Viewer WordPress plugin through 1.1.1 does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder

  • CVE-2025-9950MedOct 11, 2025
    risk 0.32cvss 4.9epss 0.01

    The Error Log Viewer by BestWebSoft plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.1.6 via the rrrlgvwr_get_file function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read…