CVE-2019-25315

Name of the Vulnerable Software and Affected Versions WordPress Server Log Viewer version 1.0

Description The software contains a persistent cross-site scripting issue that allows attackers to inject malicious scripts through unfiltered log file paths. Attackers can add log files containing XSS payloads that will execute when viewed within the WordPress admin interface. The vulnerability allows for the injection of scripts through the logfile parameter.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.