CVE-2021-24536

Published: Aug 16, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

The Custom Login Redirect WordPress plugin through 1.0.0 does not have CSRF check in place when saving its settings, and do not sanitise or escape user input before outputting them back in the page, leading to a Stored Cross-Site Scripting issue

Vendor	Product	Versions
Unknown	Custom Login Redirect	affected `1.0.0 - <= 1.0.0`

Weaknesses (CWE)

CWE-79

CWE-352

References

https://wpscan.com/vulnerability/e1ca9978-a44d-4717-b963-acaf56258fc9

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-24536

Description

Affected Products

Weaknesses (CWE)

References