Code Quality Control Tool

5.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Description

The Code Quality Control Tool plugin for WordPress is vulnerable to Sensitive Information Exposure in version 0.1 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files.

Basic Information

ID CVE-2025-8484

Source Wordfence

Published Oct 11, 2025 at 09:28

Affected Product

Vendor nickclarkweb

Product Code Quality Control Tool

Version *

Affected Versions nickclarkweb Code Quality Control Tool *

CWE Classification

CWE-200

References

{
    "lastseen": "",
    "description": "The Code Quality Control Tool plugin for WordPress is vulnerable to Sensitive Information Exposure in version 0.1 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files.",
    "published": "2025-10-11T09:28:40.032Z",
    "modified": "2025-10-11T09:28:40.032Z",
    "type": "cve",
    "title": "Code Quality Control Tool <= 0.1 - Unauthenticated Information Exposure via Log Files",
    "source": "Wordfence",
    "references": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b64635f4-abc0-4e69-89e4-357840c5e776?source=cve\nhttps://plugins.trac.wordpress.org/browser/code-quality-control-tool/trunk/error_logger.php#L71",
    "id": "CVE-2025-8484",
    "bulletinFamily": "",
    "cwe": [
        "CWE-200"
    ],
    "cvelist": null,
    "sourceData": "nickclarkweb Code Quality Control Tool *",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Code Quality Control Tool",
    "version": "*",
    "vendor": "nickclarkweb",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Code Quality Control Tool <= 0.1 - Unauthenticated Information Exposure via Log Files_CVE-2025-8484