cleantalk
Vulnerabilities and Security Researches

Error Log Viewer by BestWebSoft, CVE-2025-9950

CVE, Research URL

CVE-2025-9950

Home page URL

Security reports for Error Log Viewer by BestWebSoft

Application

Error Log Viewer by BestWebSoft

Published on
Oct 11, 2025
Research Description
The Error Log Viewer by BestWebSoft plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.1.6 via the rrrlgvwr_get_file function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
Affected versions
max 1.1.7.
Status
vulnerable
Previous vulnerability researches
Restrict User Registration (CVE-2023-53599) , Nov 10, 2025
Restrict User Registration (CVE-2025-32655) , Apr 14, 2025
New vulnerability
RomethemeKit For Elementor (CVE-2025-62065) , Nov 11, 2025
RomethemeKit For Elementor (CVE-2025-64283) , Nov 11, 2025
Simple Registration for WooCommerce (CVE-2025-12095) , Nov 11, 2025
eRoom – Zoom Meetings & Webinars (CVE-2025-11760) , Nov 11, 2025
TS Demo Importer (CVE-2025-62919) , Nov 11, 2025