Cross-Site Request Forgery (CSRF) vulnerability in WPGrim Dynamic XML Sitemaps Generator for Google plugin <= 1.3.3...
8.8CVSS
8.8AI Score
0.001EPSS
Cross-Site Request Forgery (CSRF) vulnerability in Amit Agarwal Google XML Sitemap for Videos plugin <= 2.6.1...
8.8CVSS
8.8AI Score
0.001EPSS
The XML Sitemaps WordPress plugin before 4.1.3 does not sanitise and escape a settings before outputting it in the Debug page, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...
4.8CVSS
4.7AI Score
0.001EPSS
The Better WordPress Google XML Sitemaps WordPress plugin through 1.4.1 does not sanitise and escape its logs when outputting them in the admin dashboard, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks against...
6.1CVSS
5.9AI Score
0.001EPSS
Cross-site scripting vulnerability in Google XML Sitemaps Version 4.0.9 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified...
4.8CVSS
4.5AI Score
0.001EPSS