CVE-2021-24452 Scanner
Detects 'Cross-Site Scripting (XSS)' vulnerability in W3 Total Cache plugin for WordPress affects v. before 2.1.5.
Short Info
Level
Medium
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 second
Time Interval
4 week
Scan only one
Domain, Ipv4
Toolbox
-
Vulnerability Overview
- CVE Identifier: CVE-2021-24452
- Vulnerable Component: WordPress W3 Total Cache Plugin
- Parameters Affected:
extension
parameter in the Extensions dashboard - Issue: Lack of proper sanitization leading to cross-site scripting (XSS) attacks.
Vulnerability Details
CVE-2021-24452 makes websites vulnerable to XSS attacks through the unsanitized extension
parameter in the W3 Total Cache plugin's Extensions dashboard. This flaw allows attackers to craft URLs that execute malicious JavaScript in the context of an authenticated admin's browser, compromising site security and integrity.
Why Choose S4E
S4E offers the CVE-2021-24452 Scanner as part of its suite of security tools, empowering website owners to proactively address vulnerabilities with precision. Our platform provides continuous monitoring, expert support, and actionable insights, enabling users to enhance their website security posture effectively. Join S4E today for comprehensive protection against the ever-evolving threats in the digital world.