Eugenbobrowski Debug Tool vulnerabilities
2 known vulnerabilities affecting eugenbobrowski/debug_tool.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-10586P1CRITICALCVSS 9.8ExploitedPoC≤ 2.22024-11-09
CVE-2024-10586 [CRITICAL] CWE-862 CVE-2024-10586: The Debug Tool plugin for WordPress is vulnerable to arbitrary file creation due to a missing capabi
The Debug Tool plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check on the dbt_pull_image() function and missing file type validation in all versions up to, and including, 2.2. This makes it possible for unauthenticated attackers to to create arbitrary files such as .php files that can be leveraged for re
nvd
CVE-2024-10588P4MEDIUMCVSS 4.3≤ 2.22024-11-09
CVE-2024-10588 [MEDIUM] CWE-862 CVE-2024-10588: The Debug Tool plugin for WordPress is vulnerable to unauthorized access of data due to a missing ca
The Debug Tool plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the info() function in all versions up to, and including, 2.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to obtain information from phpinfo(). When WP_DEBUG is enabled, this can be ex
nvd