CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-24176

The JH 404 Logger WordPress plugin through 1.1 doesn't sanitise the referer and path of 404 pages, when they are output in the dashboard, which leads to executing arbitrary JavaScript code in the WordPress dashboard.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.213

EPSS Ranking 95.4%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

https://ganofins.com/blog/my-first-cve-2021-24176/
https://wpscan.com/vulnerability/705bcd6e-6817-4f89-be37-901a767b0585
https://ganofins.com/blog/my-first-cve-2021-24176/
https://wpscan.com/vulnerability/705bcd6e-6817-4f89-be37-901a767b0585

Products affected by CVE-2021-24176

Jh 404 Logger Project » Jh 404 Logger » Version: N/A

cpe:2.3:a:jh_404_logger_project:jh_404_logger:-
Jh 404 Logger Project » Jh 404 Logger » Version: 1.1

cpe:2.3:a:jh_404_logger_project:jh_404_logger:1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-24176

Products

Pricing

Contact Us