Security for everyone

CVE-2021-24435 Scanner

Detects 'Cross-Site Scripting (XSS)' vulnerability in Titan Framework plugin for WordPress affects v. 1.12.1 and before.


Short Info




Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one


Parent Category

CVE-2021-24435 Scanner Detail

Vulnerability Overview:

CVE Identifier: CVE-2021-24435
Affected Plugin: Titan Framework
Affected Versions: Versions <= 1.12.1
Severity: Medium
Impact: Allows attackers to execute malicious scripts in the context of a user's browser session.

Vulnerability Details:

CVE-2021-24435 exposes a critical flaw within the Titan Framework plugin, specifically within its iframe-font-preview.php file. The insufficient sanitation of the font-weight and font-family GET parameters leads to a Reflected Cross-Site Scripting (XSS) condition. This vulnerability poses a significant threat as it could enable attackers to inject malicious scripts, compromise user sessions, steal sensitive information, or manipulate website content.

The Importance of Mitigating CVE-2021-24435:

The necessity to address this XSS vulnerability cannot be overstated. By exploiting CVE-2021-24435, an attacker could gain unauthorized access to personal data, hijack user sessions, or even take over control of affected sites. Prompt remediation is crucial to safeguard user trust and compliance with data protection standards.

Why Choose SecurityForEveryone?

Opting for SecurityForEveryone's CVE-2021-24435 Scanner equips you with a focused tool to identify and resolve this XSS vulnerability in the Titan Framework plugin. Our approach ensures a thorough assessment, providing clear guidance to secure your WordPress environment effectively.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture