Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistWPScanCVELIST:CVE-2022-0346
HistoryMay 23, 2022 - 7:15 a.m.

CVE-2022-0346 Google XML Sitemap Generator < 2.0.4 - Reflected Cross-Site Scripting

2022-05-2307:15:21
CWE-79
WPScan
www.cve.org
3
cve-2022-0346
google
xml sitemap generator
cross-site scripting
wordpress
plugin
reflected cross-site scripting

EPSS

0.001

Percentile

37.9%

JSON

The XML Sitemap Generator for Google WordPress plugin before 2.0.4 does not validate a parameter which can be set to an arbitrary value, thus causing XSS via error message or RCE if allow_url_include is turned on.

CNA Affected

[
  {
    "product": "XML Sitemap Generator for Google",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "2.0.4",
        "status": "affected",
        "version": "2.0.4",
        "versionType": "custom"
      }
    ]
  }
]

Related

nuclei 1
prion 1
nvd 1
patchstack 1
cve 1
nuclei
nuclei
WordPress XML Sitemap Generator for Google <2.0.4 - Cross-Site Scripting/Remote Code Execution
2022-05-19 17:59:08
prion
prion
Design/Logic Flaw
2022-05-23 08:16:00
nvd
nvd
CVE-2022-0346
2022-05-23 08:16:06
patchstack
patchstack
WordPress XML Sitemap Generator for Google plugin <= 2.0.3 - Reflected Cross-Site Scripting (XSS) vulnerability
2022-05-02 00:00:00
cve
cve
CVE-2022-0346
2022-05-23 08:16:06

EPSS

0.001

Percentile

37.9%

JSON
Related for CVELIST:CVE-2022-0346
nuclei1prion1nvd1patchstack1cve1