Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Google Sitemap Security Vulnerabilities

cve
cve

CVE-2024-4441

The XML Sitemap & Google News plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.4.8 via the 'feed' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any...

8.1CVSS

7.9AI Score

0.001EPSS

2024-05-14 03:43 PM
25
cve
cve

CVE-2023-26514

Cross-Site Request Forgery (CSRF) vulnerability in WPGrim Dynamic XML Sitemaps Generator for Google plugin <= 1.3.3...

8.8CVSS

8.8AI Score

0.001EPSS

2023-11-13 12:15 AM
20
cve
cve

CVE-2023-28173

Cross-Site Request Forgery (CSRF) vulnerability in Amit Agarwal Google XML Sitemap for Images plugin <= 2.1.3...

8.8CVSS

8.8AI Score

0.001EPSS

2023-11-12 11:15 PM
15
cve
cve

CVE-2023-23869

Cross-Site Request Forgery (CSRF) vulnerability in Amit Agarwal Google XML Sitemap for Mobile plugin <= 1.6.1...

8.8CVSS

8.8AI Score

0.001EPSS

2023-07-10 04:15 PM
8
cve
cve

CVE-2023-25055

Cross-Site Request Forgery (CSRF) vulnerability in Amit Agarwal Google XML Sitemap for Videos plugin <= 2.6.1...

8.8CVSS

8.8AI Score

0.001EPSS

2023-06-15 02:15 PM
15
cve
cve

CVE-2022-0346

The XML Sitemap Generator for Google WordPress plugin before 2.0.4 does not validate a parameter which can be set to an arbitrary value, thus causing XSS via error message or RCE if allow_url_include is turned...

6.1CVSS

6AI Score

0.001EPSS

2022-05-23 08:16 AM
157
7
cve
cve

CVE-2021-36912

Stored Cross-Site Scripting (XSS) vulnerability in Andrea Pernici News Sitemap for Google plugin <= 1.0.16 on WordPress, attackers must have contributor or higher user...

5.4CVSS

5.2AI Score

0.001EPSS

2022-05-06 05:15 PM
62
6
cve
cve

CVE-2022-0230

The Better WordPress Google XML Sitemaps WordPress plugin through 1.4.1 does not sanitise and escape its logs when outputting them in the admin dashboard, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks against...

6.1CVSS

5.9AI Score

0.001EPSS

2022-03-14 03:15 PM
63
cve
cve

CVE-2018-16204

Cross-site scripting vulnerability in Google XML Sitemaps Version 4.0.9 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified...

4.8CVSS

4.5AI Score

0.001EPSS

2019-01-09 11:29 PM
22
cve
cve

CVE-2017-2171

Cross-site scripting vulnerability in Captcha prior to version 4.3.0, Car Rental prior to version 1.0.5, Contact Form Multi prior to version 1.2.1, Contact Form prior to version 4.0.6, Contact Form to DB prior to version 1.5.7, Custom Admin Page prior to version 0.1.2, Custom Fields Search prior...

6.1CVSS

6.1AI Score

0.001EPSS

2017-05-22 04:29 PM
33
cve
cve

CVE-2014-6240

Cross-site scripting (XSS) vulnerability in the Google Sitemap (weeaar_googlesitemap) extension 0.4.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified...

5.8AI Score

0.001EPSS

2014-09-11 02:16 PM
17