Description
The JH 404 Logger WordPress plugin through 1.1 doesn't sanitise the referer and path of 404 pages, when they are output in the dashboard, which leads to executing arbitrary JavaScript code in the WordPress dashboard.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
No history.
Status: PUBLISHED
Assigner: WPScan
Published:
Updated: 2024-08-03T19:21:18.783Z
Reserved: 2021-01-14T00:00:00.000Z
Link: CVE-2021-24176
No data.
Status : Modified
Published: 2021-04-05T19:15:16.187
Modified: 2026-06-17T03:39:32.750
Link: CVE-2021-24176
No data.
OpenCVE Enrichment
No data.
Weaknesses