Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:20 p.m.11 views

CVE-2021-24176

The JH 404 Logger WordPress plugin through 1.1 doesn't sanitise the referer and path of 404 pages, when they are output in the dashboard, which leads to executing arbitrary JavaScript code in the WordPress dashboard...

5.4CVSS6.9AI score0.02044EPSS
Exploits2References1
CNVD
CNVD
added 2021/04/30 12:0 a.m.15 views

WordPress JH 404 Logger Cross-Site Scripting Vulnerability

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. JH 404 Logger WordPress plugin through 1.1 has a...

3.5CVSS2.1AI score0.02044EPSS
Exploits2Affected Software1
OSV
OSV
added 2021/04/05 7:15 p.m.4 views

CVE-2021-24176

The JH 404 Logger WordPress plugin through 1.1 doesn't sanitise the referer and path of 404 pages, when they are output in the dashboard, which leads to executing arbitrary JavaScript code in the WordPress dashboard...

5.4CVSS5.9AI score0.02044EPSS
Exploits2References2
NVD
NVD
added 2021/04/05 7:15 p.m.19 views

CVE-2021-24176

The JH 404 Logger WordPress plugin through 1.1 doesn't sanitise the referer and path of 404 pages, when they are output in the dashboard, which leads to executing arbitrary JavaScript code in the WordPress dashboard...

5.4CVSS0.02044EPSS
Exploits2References2
CVE
CVE
added 2021/04/05 6:27 p.m.79 views

CVE-2021-24176

Summary: CVE-2021-24176 affects the WordPress JH 404 Logger plugin up to version 1.1. The root cause is that the referer and the path of 404 pages are not sanitized when echoed in the WordPress dashboard, enabling arbitrary JavaScript execution in the dashboard context. Impact: cross-site scripti...

5.4CVSS5.5AI score0.02044EPSS
Exploits2References2Affected Software1
CNNVD
CNNVD
added 2021/04/05 12:0 a.m.11 views

WordPress JH 404 Logger 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. JH 404 Logger WordPress plugin through 1.1 has a...

5.4CVSS5.6AI score0.02044EPSS
Exploits2References3
wpexploit
wpexploit
added 2021/03/11 12:0 a.m.540 views

JH 404 Logger <= 1.1 - Unauthenticated Stored Cross-Site Scripting (XSS)

The plugin doesn't sanitise the referer and path of 404 pages, when they are output in the dashboard, which leads to executing arbitrary JavaScript code in the WordPress dashboard. curl 'https://example.com/non-existing-page"' -e '"'...

3.5CVSS1AI score0.02044EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2021/03/11 12:0 a.m.19 views

JH 404 Logger <= 1.1 - Unauthenticated Stored Cross-Site Scripting (XSS)

The plugin doesn't sanitise the referer and path of 404 pages, when they are output in the dashboard, which leads to executing arbitrary JavaScript code in the WordPress dashboard. PoC curl 'https://example.com/non-existing-page"' -e '"'...

3.5CVSS1.3AI score0.02044EPSS
Exploits2Affected Software1
Patchstack
Patchstack
added 2021/03/11 12:0 a.m.19 views

WordPress JH 404 Logger plugin <= 1.1 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability

Unauthenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ganesh Bagaria in WordPress JH 404 Logger plugin versions = 1.1. Solution Deactivate and delete. This plugin has been closed as of February 11, 2021 and is not available for download. Reason: Security Issue...

5.4CVSS3.4AI score0.02044EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder