CVE-2021-25074 Scanner

WebP Converter for Media is a popular WordPress plugin that allows website owners to easily convert images into the Google-developed WebP format, which is designed to reduce the size of images without sacrificing quality. The plugin is widely used by website owners to speed up their website's load times, which is an important factor in website usability and search engine optimization. The plugin is free to download and use, but offers additional features and functionality through a pro version.

Recently, a vulnerability was discovered in WebP Converter for Media, identified as CVE-2021-25074. This vulnerability exists in the passthru.php file, which fails to properly validate user input before redirecting the user to another location. Attackers can exploit this vulnerability by using a crafted link to redirect users to a malicious website, tricking them into sharing sensitive information or installing malware on their devices.

If the CVE-2021-25074 vulnerability is exploited, the consequences can be dire. Attackers can use the vulnerability to redirect users to phishing websites designed to steal their login credentials or financial information. Users can also be redirected to sites that are infected with malware, such as ransomware or botnets. In any case, users' security and privacy are at risk, which can have serious repercussions both personally and professionally.

As a trusted partner in website security, s4e.io offers pro features that enable website owners to quickly and easily learn about vulnerabilities in their digital assets. With our security alerts, users can receive real-time notifications of vulnerabilities and take action to protect their websites and online assets. By staying informed and taking appropriate precautions, website owners can safeguard their assets and minimize the risk of security breaches.

REFERENCES

• https://wpscan.com/vulnerability/f3c0a155-9563-4533-97d4-03b9bac83164