Vulnerability Details CVE-2021-24286
The settings page of the Redirect 404 to parent WordPress plugin before 1.3.1 did not properly sanitise the tab parameter before outputting it back, leading to a reflected Cross-Site Scripting issue
Exploit prediction scoring system (EPSS) score
EPSS Score 0.344
EPSS Ranking 96.7%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- http://packetstormsecurity.com/files/164328/WordPress-Redirect-404-To-Parent-1.3.0-Cross-Site-Scripting.html
- https://wpscan.com/vulnerability/b9a535f3-cb0b-46fe-b345-da3462584e27
- http://packetstormsecurity.com/files/164328/WordPress-Redirect-404-To-Parent-1.3.0-Cross-Site-Scripting.html
- https://wpscan.com/vulnerability/b9a535f3-cb0b-46fe-b345-da3462584e27
Products affected by CVE-2021-24286
-
cpe:2.3:a:mooveagency:redirect_404_to_parent:-
-
cpe:2.3:a:mooveagency:redirect_404_to_parent:1.0.0
-
cpe:2.3:a:mooveagency:redirect_404_to_parent:1.0.1
-
cpe:2.3:a:mooveagency:redirect_404_to_parent:1.0.2
-
cpe:2.3:a:mooveagency:redirect_404_to_parent:1.2.0
-
cpe:2.3:a:mooveagency:redirect_404_to_parent:1.2.1
-
cpe:2.3:a:mooveagency:redirect_404_to_parent:1.2.2
-
cpe:2.3:a:mooveagency:redirect_404_to_parent:1.3.0