3 matches found
CVE-2023-1780 Companion Sitemap Generator < 4.5.3 - Reflected XSS
The Companion Sitemap Generator WordPress plugin before 4.5.3 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-1780
The CVE-2023-1780 affects the Companion Sitemap Generator WordPress plugin (versions before 4.5.3). It stems from not sanitising/escaping certain parameters before echoing them in pages, causing a Reflected Cross‑Site Scripting (XSS) vulnerability that could affect high‑privilege users (e.g., adm...
WordPress Companion Sitemap Generator – HTML & XML Plugin < 4.5.3 is vulnerable to Cross Site Scripting (XSS)
Software Companion Sitemap Generator – HTML & XML Type Plugin Vulnerable versions 4.5.3 Fixed in 4.5.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1780 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2c5448d43a2a...