Security for everyone

CVE-2021-36873 Scanner

Detects 'Cross-Site Scripting (XSS)' vulnerability in iQ Block Country plugin for WordPress affects v. 1.2.11 and before.


Short Info




Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Domain, Ipv4

Parent Category

CVE-2021-36873 Scanner Detail

The iQ Block Country plugin is a well-known WordPress plugin that is used to block unwanted traffic or visitors originating from specific countries. By blocking these IP addresses, website owners can effectively reduce the number of spam comments, brute force attacks, and other malicious activities that might harm their website. This plugin is widely popular amongst WordPress users who want to secure their websites against unwanted traffic from specific geographic locations.

However, recently, a new vulnerability has been detected in the iQ Block Country plugin, which raises serious concerns for website owners. The CVE-2021-36873 vulnerability is a persistent cross-site scripting (XSS) issue present in the plugin's versions up to and including 1.2.11. The vulnerability lies within the 'blockcountry_blockmessage' parameter, which is used to display messages to visitors from the blocked countries.

If exploited, the CVE-2021-36873 vulnerability can lead to serious security issues such as data theft, website defacement, and even complete loss of control over the website. Through this vulnerability, an attacker can inject malicious code into the website, which can then be executed when the user visits the site. This can allow the attacker to gain unauthorized access to sensitive data or even take full control of the website.

At, we offer a comprehensive platform that can help website owners identify and address potential vulnerabilities in their digital assets. By utilizing our pro features, website owners can easily and quickly learn about vulnerabilities in their website and take necessary actions to mitigate the risks. With our platform, website owners can rest assured that their digital assets are secure and protected against potential threats. So, take the step towards securing your website today and sign up for our pro features at!



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture