CVE-2021-33851 Scanner

Customize Login Image plugin for WordPress is a popular tool that enables website owners to add a custom logo, background, and colors to their login page. With its easy-to-use interface and intuitive settings, it's no wonder that this plugin is a favorite amongst WordPress users. The plugin is designed to enhance the user experience of the site by providing an attractive and cohesive design throughout all pages, including the login page.

However, the plugin's security was recently compromised by a vulnerability known as CVE-2021-33851. This vulnerability allowed attackers to execute arbitrary JavaScript code within a user's browser, potentially compromising their sensitive information. It was discovered that this vulnerability was present in the plugin's "Custom logo link" feature, which executes on the Settings Page of the Customize Login Image Plugin.

Exploitation of this vulnerability can lead to a range of negative consequences. For example, an attacker could use it to steal sensitive data such as login credentials and payment information from users. In addition, they could manipulate the user's browser to execute malicious code that could take over their entire system or redirect them to a malicious website.

With the pro features of the securityforeveryone.com platform, website owners can easily and quickly learn about vulnerabilities in their digital assets. This service provides comprehensive security testing and scanning solutions that can identify and remediate any vulnerabilities present in the Customize Login Image plugin or any other WordPress plugin. Website owners can rest assured that their digital assets are secure with the help of this powerful platform.

REFERENCES

• https://cybersecurityworks.com/zerodays/cve-2021-33851-stored-cross-site-scripting-in-wordpress-customize-login-image.html