Vulnerabilities and security researches fordebug-log-manager debug-log-manager

May 06, 2025

CVE, Research URL: CVE-2025-3809
Home page URL: Security reports for Debug Log Manager
Application: Debug Log Manager
Date: Apr 19, 2025
Research Description: The Debug Log Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the auto-refresh debug log in all versions up to, and including, 2.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions: Min -, max -.
Status: vulnerable

Apr 20, 2025

CVE, Research URL: CVE-2025-32613
Home page URL: Security reports for Debug Log Manager
Application: Debug Log Manager
Date: Apr 17, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bowo Debug Log Manager allows Stored XSS. This issue affects Debug Log Manager: from n/a through 2.3.4.
Affected versions: Min -, max -.
Status: vulnerable

Jun 07, 2024

CVE, Research URL: CVE-2023-6383
Home page URL: Security reports for Debug Log Manager
Application: Debug Log Manager
Date: Jan 09, 2024
Research Description: The Debug Log Manager WordPress plugin before 2.3.0 contains a Directory listing vulnerability was discovered, which allows you to download the debug log without authorization and gain access to sensitive data
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2023-6136
Home page URL: Security reports for Debug Log Manager
Application: Debug Log Manager
Date: Nov 30, 2023
Research Description: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Bowo Debug Log Manager.This issue affects Debug Log Manager: from n/a through 2.3.0.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2024-35669
Home page URL: Security reports for Debug Log Manager
Application: Debug Log Manager
Date: Jun 09, 2024
Research Description: Missing Authorization vulnerability in Bowo Debug Log Manager.This issue affects Debug Log Manager: from n/a through 2.3.1.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2024-32582
Home page URL: Security reports for Debug Log Manager
Application: Debug Log Manager
Date: Apr 18, 2024
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bowo Debug Log Manager allows Stored XSS.This issue affects Debug Log Manager: from n/a through 2.3.1.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2023-5772
Home page URL: Security reports for Debug Log Manager
Application: Debug Log Manager
Date: Nov 30, 2023
Research Description: The Debug Log Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.1. This is due to missing or incorrect nonce validation on the clear_log() function. This makes it possible for unauthenticated attackers to clear the debug log via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2024-33915
Home page URL: Security reports for Debug Log Manager
Application: Debug Log Manager
Date: May 03, 2024
Research Description: Missing Authorization vulnerability in Bowo Debug Log Manager.This issue affects Debug Log Manager: from n/a through 2.3.1.
Affected versions: Min -, max -.
Status: vulnerable