S4E

CVE-2021-24407 Scanner

Detects 'Cross-Site Scripting (XSS)' vulnerability in Jannah affects v. before 5.4.5.

Short Info


Level

Medium

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

1 month

Scan only one

Domain, IPv4

Toolbox

-

Jannah is a WordPress theme that is designed for news and magazine websites. It is a highly customizable and user-friendly theme that allows webmasters to easily create news portals, online magazines, and blogs. With its modern and clean design, Jannah has become a popular choice for WordPress users who want to create engaging and visually appealing websites.

Recently, a vulnerability was detected in the Jannah WordPress theme software, known as CVE-2021-24407. The vulnerability was related to the way the 'query' POST parameter was sanitized in the tie_ajax_search AJAX action, which can lead to Reflected Cross-site Scripting (XSS) attacks.

When exploited, this vulnerability can allow an attacker to inject malicious scripts into the web pages viewed by the website's visitors. This can lead to a range of malicious activities such as stealing sensitive information, hijacking user sessions, and spreading malware.

At s4e.io, we provide detailed and up-to-date information about vulnerabilities in digital assets, including the Jannah WordPress theme. Our platform offers advanced features that help webmasters protect their websites from potential security threats. By subscribing to our platform, readers can easily and quickly learn about vulnerabilities in their digital assets, including the Jannah WordPress theme, and take appropriate measures to ensure their website's security.

 

REFERENCES

Get started to protecting your Free Full Security Scan