VYPR

Atec Debug

by WordPress

Source repositories

CVEs (3)

  • CVE-2025-9518HigSep 4, 2025
    risk 0.47cvss 7.2epss 0.01

    The atec Debug plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation on the 'debug_path' parameter in all versions up to, and including, 1.2.22. This makes it possible for authenticated attackers, with Administrator-level access…

  • CVE-2025-9517HigSep 4, 2025
    risk 0.47cvss 7.2epss 0.01

    The atec Debug plugin for WordPress is vulnerable to remote code execution in all versions up to, and including, 1.2.22 via the 'custom_log' parameter. This is due to insufficient sanitization when saving the custom log path. This makes it possible for authenticated attackers,…

  • CVE-2025-9516MedSep 4, 2025
    risk 0.32cvss 4.9epss 0.00

    The atec Debug plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.2.22 via the 'custom_log' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to view the contents of files…