Vulnerabilities > CVE-2021-24176 - Unspecified vulnerability in JH 404 Logger Project JH 404 Logger 1.1

047910
CVSS 5.4 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
NONE
network
low complexity
jh-404-logger-project

Summary

The JH 404 Logger WordPress plugin through 1.1 doesn't sanitise the referer and path of 404 pages, when they are output in the dashboard, which leads to executing arbitrary JavaScript code in the WordPress dashboard.

Vulnerable Configurations

Part Description Count
Application
Jh_404_Logger_Project
2