Security for everyone

CVE-2019-14789 Scanner

Detects a 'Cross-Site Scripting (XSS)' vulnerability in Custom 404 Pro that affects versions before 3.2.9.


Short Info

Level: Medium
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 sec
Scan only one: Domain, IPv4
Toolbox: -

Custom 404 Pro is a WordPress plugin designed to create custom error pages for 404 errors. It allows users to create custom pages that can help retain visitors and provide more information about website errors. The plugin also offers a wide range of customization options and supports different languages. Additionally, it is user-friendly, making it easy for users to install, configure and use.

However, the plugin has a severe vulnerability tracked as CVE-2019-14789. The vulnerability lies in the parameter “c4p-main” in the wp-admin/admin.php?page=c4p-main page, which can be exploited to launch cross-site scripting (XSS) attacks. Attackers can inject malicious code into the website, and that code executes in the victim's browser when the victim visits the website. As a result, the attacker could steal sensitive data, install malware on the victim's device and even take over the website.

When exploited, this vulnerability can have severe consequences. In addition to sensitive data theft and device damage, attackers can also cause irreparable damage to the website’s reputation by accessing and modifying website content. This can lead to a loss of trust among users and potentially cause financial harm to the website’s owner.
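The following is an added example, not code from the scanner or the plugin: a defender-side check that reviews web server access logs for requests to the wp-admin/admin.php?page=c4p-main page whose query values carry HTML markup characters, including nested percent-encoding. The log lines are constructed samples and the `tab` parameter name is hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')  # request line of a combined-format entry
MARKUP_RE = re.compile(r"""[<>"']""")  # characters needed to open a tag or leave an attribute
TARGET_PATH = "/wp-admin/admin.php"
TARGET_PAGE = "c4p-main"

# Constructed sample entries; "tab" is a hypothetical parameter name.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /wp-admin/admin.php?page=c4p-main HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Jan/2024:10:02:11 +0000] "GET /wp-admin/admin.php?page=c4p-main%22%3E%3Cb%3Ex HTTP/1.1" 200 5140',
    '203.0.113.9 - - [01/Jan/2024:10:02:15 +0000] "GET /wp-admin/admin.php?page=c4p-main&tab=%253Cb%253E HTTP/1.1" 200 5131',
    '203.0.113.4 - - [01/Jan/2024:10:03:40 +0000] "GET /wp-admin/admin.php?page=other-plugin&x=%3Cb%3E HTTP/1.1" 200 901',
]

def fully_decode(value, rounds=3):
    """Undo nested percent-encoding (e.g. %253C -> %3C -> <)."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_params(log_line):
    """Return names of query parameters carrying markup on the c4p-main page."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return []
    url = urlsplit(match.group(1))
    if not url.path.endswith(TARGET_PATH):  # also matches installs in a subdirectory
        return []
    params = parse_qsl(url.query, keep_blank_values=True)  # decodes one layer
    # Only requests addressed to the plugin's admin page are of interest.
    if not any(k == "page" and fully_decode(v).startswith(TARGET_PAGE) for k, v in params):
        return []
    return [k for k, v in params if MARKUP_RE.search(fully_decode(v))]

def scan(lines):
    """Return (line number, parameter names) for every flagged entry."""
    hits = [(n, suspicious_params(line)) for n, line in enumerate(lines, start=1)]
    return [(n, names) for n, names in hits if names]

if __name__ == "__main__":
    for number, names in scan(SAMPLE_LOG):
        print(f"line {number}: markup in parameter(s) {', '.join(names)}")
```

A hit shows that someone requested the page with markup in the URL; whether it rendered depends on the installed plugin version, so pair any hit with a check that the site runs 3.2.9 or later.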

In conclusion, the Custom 404 Pro vulnerability is a significant threat to website security. However, by following the aforementioned precautions, website owners can protect themselves and their users from the consequences of this vulnerability. Thanks to the pro features of the securityforeveryone.com platform, website owners can quickly and easily learn about vulnerabilities in their digital assets and take appropriate measures to secure them. Don't wait until it's too late; protect your website today.

 
