Security Advisory

CVE-2022-0346

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-05-23 07:15:21

Last updated 2024-08-02 23:25:40

Assigner WPScan

State PUBLISHED

Description

The XML Sitemap Generator for Google WordPress plugin before 2.0.4 does not validate a parameter which can be set to an arbitrary value, thus causing XSS via error message or RCE if allow_url_include is turned on.

← Browse all CVEs View on cve.org ↗