Nixpkgs Security Tracker

Untriaged

Permalink CVE-2025-23684

4.3 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): NONE
Availability impact (A): NONE

created 6 months, 1 week ago

WordPress Debug Tool plugin <= 2.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Eugen Bobrowski Debug Tool allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Debug Tool: from n/a through 2.2.

References

https://patchstack.com/database/wordpress/plugin/debug-tool/vulnerability/wordp… vdb-entry
https://patchstack.com/database/wordpress/plugin/debug-tool/vulnerability/wordp… vdb-entry

Affected products

debug-tool

=<2.2

Matching in nixpkgs

Package maintainers

@yuuyins Yuu Yin <yuunix@grrlz.net>
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.python312Packages.django-debug-toolbar

pkgs.python313Packages.django-debug-toolbar

pkgs.python312Packages.django-graphiql-debug-toolbar

pkgs.python313Packages.django-graphiql-debug-toolbar

Package maintainers