Developer Loggers for Simple History Local File Inclusion Vulnerability
Vulnerability
A local file inclusion vulnerability has been identified in the Developer Loggers for Simple History WordPress plugin, affecting all versions up to and including 0.5. The vulnerability is exposed through the enabled_loggers parameter and allows authenticated attackers with Administrator-level access to include and execute arbitrary PHP files on the server. An attacker could use this to bypass access controls, obtain sensitive data, or achieve code execution in cases where PHP files can be uploaded and included.
Impact
Exploitation of this vulnerability could lead to unauthorized access to sensitive data, bypassing of access controls, or execution of malicious code on the server.
Remediation
Users are advised to update the plugin to version 0.5.1 or a newer patched version.
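For developers maintaining similar code, this class of bug is avoided by never building an include path directly from a request parameter. The sketch below is an added example, not code from the plugin or its patch; the function name, directory layout and logger names are assumptions made for illustration.

```php
<?php
// Hypothetical helper (not the plugin's code): map untrusted logger names to
// files that are safe to include. $requested stands in for the submitted
// enabled_loggers value; $loggersDir is the directory shipping the loggers.
function resolve_enabled_loggers($requested, string $loggersDir): array
{
    $base = realpath($loggersDir);
    if ($base === false || !is_array($requested)) {
        return [];
    }

    // Allow-list: only logger files that actually exist in the directory.
    $allowed = [];
    foreach (glob($base . DIRECTORY_SEPARATOR . '*.php') ?: [] as $file) {
        $allowed[basename($file, '.php')] = $file;
    }

    $safe = [];
    foreach ($requested as $name) {
        // Accept plain identifiers only: path separators, dots and
        // non-string values never reach the filesystem lookup.
        if (!is_string($name) || !preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $name)) {
            continue;
        }
        // The name must match a known logger exactly.
        if (!isset($allowed[$name])) {
            continue;
        }
        // Defence in depth: after symlink resolution the file must still
        // sit directly inside the loggers directory.
        $real = realpath($allowed[$name]);
        if ($real !== false && dirname($real) === $base) {
            $safe[$name] = $real;
        }
    }
    return $safe;
}

// Constructed demo: a temporary loggers directory with one legitimate logger.
$dir = sys_get_temp_dir() . '/loggers_demo_' . bin2hex(random_bytes(4));
mkdir($dir);
file_put_contents($dir . '/HooksLogger.php', "<?php // constructed sample logger\n");

// Constructed input: one valid name plus values that must be rejected.
$input = ['HooksLogger', '../outside', '/abs/path/file', ['nested']];
print_r(array_keys(resolve_enabled_loggers($input, $dir)));

unlink($dir . '/HooksLogger.php');
rmdir($dir);
```

Only the paths returned by the helper would be passed to an include statement; everything else in the submitted list is dropped before any file access.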
