cleantalk
Vulnerabilities and Security Researches

Error Log Viewer by BestWebSoft, CVE-2025-9950

CVE, Research URL

CVE-2025-9950

Home page URL

Security reports for Error Log Viewer by BestWebSoft

Application

Error Log Viewer by BestWebSoft

Published on
Oct 11, 2025
Research Description
The Error Log Viewer by BestWebSoft plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.1.6 via the rrrlgvwr_get_file function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
Affected versions
max 1.1.7.
Status
vulnerable
Previous vulnerability researches
Cinza Grid (CVE-2025-11824) , Nov 10, 2025
New vulnerability
Toast Mobile Menu – PageSpeed Insights Friendly (CVE-2025-53238) , Nov 11, 2025
Stripe Payment forms for WordPress Plugin – WP Full Pay (CVE-2025-9322) , Nov 11, 2025
RomethemeKit For Elementor (CVE-2025-62065) , Nov 11, 2025
RomethemeKit For Elementor (CVE-2025-64283) , Nov 11, 2025
Simple Registration for WooCommerce (CVE-2025-12095) , Nov 11, 2025