Vulnerability Details CVE-2021-24658
The Erident Custom Login and Dashboard WordPress plugin before 3.5.9 did not properly sanitise its settings, allowing high privilege users to use XSS payloads in them (even when the unfileted_html is disabled)
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.1%
CVSS Severity
CVSS v3 Score 4.8
CVSS v2 Score 3.5
References
Products affected by CVE-2021-24658
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:-
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:1.0
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:1.1
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:1.2
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:1.3
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:1.4
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:1.5.1
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:2.0.0
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:2.0.1
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:2.1.0
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:2.1.1
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:2.2.0
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:2.2.1
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:2.3.0
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:2.3.1
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:3.0
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:3.1
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:3.2
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:3.3
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:3.3.1
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:3.4
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:3.4.1
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:3.5
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:3.5.1
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:3.5.2
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:3.5.3
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:3.5.4
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:3.5.5
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:3.5.7
-
cpe:2.3:a:erident_custom_login_and_dashboard_project:erident_custom_login_and_dashboard:3.5.8