
CVE-2021-24176 Scanner
Detects a Cross-Site Scripting (XSS) vulnerability in the JH 404 Logger plugin for WordPress, which affects versions through 1.1.
Short Info
Level
Single Scan
Single Scan
Can be used by: Asset Owner
Estimated Time: 15 seconds
Time Interval: 13 days 15 hours
Scan only one: URL
JH 404 Logger is a WordPress plugin that tracks and monitors 404 pages on a website. It lets website owners keep an eye on broken links and missing pages, which is useful input for site maintenance and optimization, and helps them improve the user experience by identifying and fixing issues on the site.
Despite these benefits, the JH 404 Logger WordPress plugin through version 1.1 is susceptible to a severe vulnerability tracked as CVE-2021-24176. The vulnerability stems from the plugin's failure to sanitise the referer and path of 404 pages, which allows malicious actors to execute arbitrary JavaScript code in the WordPress dashboard.
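The flaw described above is an output-encoding problem: request-controlled values are logged and later rendered in an admin page. The following added example (not the plugin's own code; the function names and log entries are hypothetical and constructed for illustration) shows a 404-log row rendered without escaping next to the corrected, escaped form.

```php
<?php
// Added example: hypothetical 404-log renderer, not the JH 404 Logger source.
// Runs without WordPress; inside a plugin, esc_html() and esc_url() play
// the role of the helper functions below.

// Escape a value for an HTML text node or a quoted attribute.
function h(string $value): string {
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Only http(s) referers become links; anything else is shown as plain text.
function safe_href(string $url): ?string {
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    return in_array($scheme, ['http', 'https'], true) ? $url : null;
}

// Weak form: request-controlled fields are concatenated straight into markup.
function render_row_unescaped(array $entry): string {
    return '<tr><td>' . $entry['path'] . '</td><td>' . $entry['referer'] . '</td></tr>';
}

// Corrected form: every request-controlled field is escaped at output time.
function render_row_escaped(array $entry): string {
    $href = safe_href($entry['referer']);
    $ref  = $href === null
        ? h($entry['referer'])
        : '<a href="' . h($href) . '" rel="noreferrer noopener">' . h($href) . '</a>';
    return '<tr><td>' . h($entry['path']) . '</td><td>' . $ref . '</td></tr>';
}

// Constructed log entries: one ordinary, one carrying markup in both fields.
$entries = [
    ['path' => '/old-page', 'referer' => 'https://example.com/links'],
    ['path' => '/missing<b>x</b>', 'referer' => '"><i>marker</i>'],
];

foreach ($entries as $entry) {
    // The unescaped row keeps live tags from the request; the escaped row
    // turns them into inert text that the dashboard displays literally.
    printf("unescaped: %s\nescaped:   %s\n\n",
        render_row_unescaped($entry), render_row_escaped($entry));
}
```

Escaping at render time also neutralises entries that were already stored before a fix was deployed, which sanitising only on input would not.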
Exploitation can have severe consequences for website owners. The attacker can execute any JavaScript code in the WordPress dashboard, leading to a complete compromise of the site. This includes taking control of the site and its database, modifying or deleting content, and injecting malicious code or scripts. The result can be financial loss, reputational damage, and in some cases legal action.
In conclusion, the JH 404 Logger plugin is a powerful tool for website owners, allowing them to monitor and optimize their sites effectively. However, the CVE-2021-24176 vulnerability poses a severe risk to website owners using this plugin. It is essential to take comprehensive precautions to mitigate the risk of exploitation and protect your website from cyberattacks. s4e.io offers insights and resources for understanding and protecting your digital assets from vulnerabilities. By using the pro features available on its platform, website owners can safeguard their websites quickly and efficiently.