Vulnerability Details CVE-2021-24326
The tab parameter of the settings page of the All 404 Redirect to Homepage WordPress plugin before 1.21 was vulnerable to an authenticated reflected Cross-Site Scripting (XSS) issue as user input was not properly sanitised before being output in an attribute.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.0%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2021-24326
-
cpe:2.3:a:clogica:all_404_redirect_to_homepage:-
-
cpe:2.3:a:clogica:all_404_redirect_to_homepage:1.10
-
cpe:2.3:a:clogica:all_404_redirect_to_homepage:1.11
-
cpe:2.3:a:clogica:all_404_redirect_to_homepage:1.12
-
cpe:2.3:a:clogica:all_404_redirect_to_homepage:1.13
-
cpe:2.3:a:clogica:all_404_redirect_to_homepage:1.14
-
cpe:2.3:a:clogica:all_404_redirect_to_homepage:1.15
-
cpe:2.3:a:clogica:all_404_redirect_to_homepage:1.16
-
cpe:2.3:a:clogica:all_404_redirect_to_homepage:1.17
-
cpe:2.3:a:clogica:all_404_redirect_to_homepage:1.18
-
cpe:2.3:a:clogica:all_404_redirect_to_homepage:1.19
-
cpe:2.3:a:clogica:all_404_redirect_to_homepage:1.7
-
cpe:2.3:a:clogica:all_404_redirect_to_homepage:1.8
-
cpe:2.3:a:clogica:all_404_redirect_to_homepage:1.9