exploitDog

CVE-2019-25315

Опубликовано: 11 фев. 2026

Источник: nvd

CVSS3: 6.4

EPSS Низкий

Описание

WordPress Server Log Viewer 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through unfiltered log file paths. Attackers can add log files with embedded XSS payloads that will execute when viewed in the WordPress admin interface.

Ссылки

https://github.com/anttiviljami/wp-server-log-viewer
https://www.exploit-db.com/exploits/47419
https://www.vulncheck.com/advisories/wp-server-log-viewer-logfile-persistent-cross-site-scripting

EPSS

Процентиль: 8%

0.00184

Низкий

6.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-gcmq-wqmm-m5gf

CVSS3: 6.4

github

5 месяцев назад

WordPress Server Log Viewer 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through unfiltered log file paths. Attackers can add log files with embedded XSS payloads that will execute when viewed in the WordPress admin interface.

EPSS

Процентиль: 8%

0.00184

Низкий

6.4 Medium

CVSS3

Дефекты

CWE-79