20 matches found
CVE-2025-64632
The CVE-2025-64632 entry concerns the WordPress Google XML Sitemaps plugin with versions up to and including 4.1.21. The root cause is a missing authorization / broken access control, allowing exploitation due to incorrectly configured access levels. Public sources in the connected documents conf...
CVE-2025-64632 WordPress Google XML Sitemaps plugin <= 4.1.22 - Broken Access Control vulnerability
Missing Authorization vulnerability in Auctollo Google XML Sitemaps google-sitemap-generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Google XML Sitemaps: from n/a through = 4.1.22...
EUVD-2014-6126
Malware in sbrugna...
EUVD-2025-4351
Malicious code in bioql PyPI...
PT-2025-34993
Name of the Vulnerable Software and Affected Versions: Google XML News Sitemap plugin versions not specified Description: The Google XML News Sitemap plugin contains a Cross-Site Request Forgery CSRF vulnerability that also allows Stored Cross-Site Scripting XSS. Recommendations: At the moment,...
CVE-2025-27318
Cross-Site Request Forgery CSRF vulnerability in ixiter Simple Google Sitemap simple-google-sitemap allows Cross Site Request Forgery.This issue affects Simple Google Sitemap: from n/a through = 1.6...
CVE-2025-27318
Cross-Site Request Forgery CSRF vulnerability in ixiter Simple Google Sitemap simple-google-sitemap allows Cross Site Request Forgery.This issue affects Simple Google Sitemap: from n/a through = 1.6...
CVE-2025-27318
CVE-2025-27318 is a CSRF vulnerability affecting the WordPress plugin Simple Google Sitemap . Public details indicate exploitation could enable unauthorized requests against the plugin’s functionality, with affected versions listed as up to 1.6 (inclusive). Connected sources provide no vendor-spe...
CVE-2025-27318 WordPress Simple Google Sitemap Plugin <= 1.6 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in ixiter Simple Google Sitemap simple-google-sitemap allows Cross Site Request Forgery.This issue affects Simple Google Sitemap: from n/a through = 1.6...
CVE-2025-27318 WordPress Simple Google Sitemap Plugin <= 1.6 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in ixiter Simple Google Sitemap simple-google-sitemap allows Cross Site Request Forgery.This issue affects Simple Google Sitemap: from n/a through = 1.6...
PT-2025-7743 · Unknown · Simple Google Sitemap
Name of the Vulnerable Software and Affected Versions: Simple Google Sitemap versions 1.6 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the software, allowing unauthorized requests. Recommendations: For Simple Google Sitemap versions 1.6 and earlier, update to a version...
WordPress Plugin Dynamic XML Sitemaps Generator for Google Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
Opencart google_sitemap Remote Denial of Service Vulnerability
OpenCart is an open source e-commerce system from OpenCart China . The system provides product reviews, product ratings, product additions and other modules. A remote denial of service vulnerability exists in Opencart googlesitemap. An attacker can exploit the vulnerability to crash the user's...
Cross-Site Scripting in extension "Google Sitemap" (enter_new_weeaar_googlesitemap)
It has been discovered that the extension "Google Sitemap" enternewweeaargooglesitemap is susceptible to Cross-Site Scripting. Release Date: March 03, 2016 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: version 1.0.0 and...
WordPress Google Sitemap 2.9.1 Cross Site Scripting
Plugin Name : Google Sitemap Effected Version : 2.9.1 and most probably lower version's if any Vulnerability : A3-Cross-Site Scripting XSS Identified by : Madhu Akula Technical Details Minimum Level of Access Required : Administrator PoC - Proof of Concept :...
CVE-2014-6240
Cross-site scripting XSS vulnerability in the Google Sitemap weeaargooglesitemap extension 0.4.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the Google Sitemap weeaargooglesitemap extension 0.4.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-6240
Cross-site scripting XSS vulnerability in the Google Sitemap weeaargooglesitemap extension 0.4.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-6240
CVE-2014-6240 is an XSS vulnerability in the TYPO3 extension Google Sitemap (weeaar_googlesitemap) 0.4.3 and earlier. The connected TYPO3 bulletin confirms the affected extension and versions, and states that vulnerable extensions will no longer be available for download, but it does not provide ...
PT-2006-5967 · Isearch · Isearch
Name of the Vulnerable Software and Affected Versions: iSearch version 2.16 Description: The issue concerns remote file inclusion vulnerabilities that could allow remote attackers to execute arbitrary PHP code. This is achieved by providing a URL in the isearch path parameter within various PHP...