Vulnerabilities > Bowo

DATE CVE VULNERABILITY TITLE RISK
2024-10-30 CVE-2023-5816 Unspecified vulnerability in Bowo Code Explorer
The Code Explorer plugin for WordPress is vulnerable to arbitrary external file reading in all versions up to, and including, 1.4.5.
network
low complexity
bowo
4.9
2024-06-09 CVE-2024-35669 Unspecified vulnerability in Bowo Debug LOG Manager
Missing Authorization vulnerability in Bowo Debug Log Manager.This issue affects Debug Log Manager: from n/a through 2.3.1.
network
low complexity
bowo
8.8
2024-01-08 CVE-2023-6383 Missing Authorization vulnerability in Bowo Debug LOG Manager
The Debug Log Manager WordPress plugin before 2.3.0 contains a Directory listing vulnerability was discovered, which allows you to download the debug log without authorization and gain access to sensitive data
network
low complexity
bowo CWE-862
7.5
2023-12-07 CVE-2023-5710 Missing Authorization vulnerability in Bowo System Dashboard 2.8.7
The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sd_constants() function hooked via an AJAX action in all versions up to, and including, 2.8.7.
network
low complexity
bowo CWE-862
4.3
2023-12-07 CVE-2023-5711 Missing Authorization vulnerability in Bowo System Dashboard 2.8.7
The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sd_php_info() function hooked via an AJAX action in all versions up to, and including, 2.8.7.
network
low complexity
bowo CWE-862
4.3
2023-12-07 CVE-2023-5712 Missing Authorization vulnerability in Bowo System Dashboard 2.8.7
The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sd_global_value() function hooked via an AJAX action in all versions up to, and including, 2.8.7.
network
low complexity
bowo CWE-862
4.3
2023-12-07 CVE-2023-5713 Missing Authorization vulnerability in Bowo System Dashboard 2.8.7
The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sd_option_value() function hooked via an AJAX action in all versions up to, and including, 2.8.7.
network
low complexity
bowo CWE-862
4.3
2023-12-07 CVE-2023-5714 Missing Authorization vulnerability in Bowo System Dashboard 2.8.7
The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sd_db_specs() function hooked via an AJAX action in all versions up to, and including, 2.8.7.
network
low complexity
bowo CWE-862
4.3
2023-11-30 CVE-2023-6136 Unspecified vulnerability in Bowo Debug LOG Manager
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Bowo Debug Log Manager.This issue affects Debug Log Manager: from n/a through 2.3.0.
network
low complexity
bowo
7.5
2023-11-30 CVE-2023-5772 Cross-Site Request Forgery (CSRF) vulnerability in Bowo Debug LOG Manager
The Debug Log Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.1.
network
low complexity
bowo CWE-352
4.3