I'm aware passwords should be hashed/salted on backend and HTTPS should be used for transportation. My concern is that, on account registration, there is a section of code where the plain text password could exposed by way of a poorly placed log-statement.
I understand hashing passwords multiple times is not ideal, but to address this concern would it be acceptable (from a security governance perspective) to also hash the password on the frontend?
Yes, you should hash your password on frontend with a salt (e.g username) to prevent clear text abuse on backend. Also, slow hash should happen on frontend to migrate the computing burden of backend.
You may combine salt and pepper on backend for the secondary hash.