CVE-2021-24407 Scanner
Detects 'Cross-Site Scripting (XSS)' vulnerability in Jannah affects v. before 5.4.5.
Short Info
Level
Medium
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
1 month
Scan only one
Domain, IPv4
Toolbox
-
Jannah is a WordPress theme that is designed for news and magazine websites. It is a highly customizable and user-friendly theme that allows webmasters to easily create news portals, online magazines, and blogs. With its modern and clean design, Jannah has become a popular choice for WordPress users who want to create engaging and visually appealing websites.
Recently, a vulnerability was detected in the Jannah WordPress theme software, known as CVE-2021-24407. The vulnerability was related to the way the 'query' POST parameter was sanitized in the tie_ajax_search AJAX action, which can lead to Reflected Cross-site Scripting (XSS) attacks.
When exploited, this vulnerability can allow an attacker to inject malicious scripts into the web pages viewed by the website's visitors. This can lead to a range of malicious activities such as stealing sensitive information, hijacking user sessions, and spreading malware.
At s4e.io, we provide detailed and up-to-date information about vulnerabilities in digital assets, including the Jannah WordPress theme. Our platform offers advanced features that help webmasters protect their websites from potential security threats. By subscribing to our platform, readers can easily and quickly learn about vulnerabilities in their digital assets, including the Jannah WordPress theme, and take appropriate measures to ensure their website's security.
REFERENCES