The XML Sitemap Generator for Google WordPress plugin prior to 2.0.4 does not validate a parameter which can be set to an arbitrary value, thus causing XSS via error message or RCE if allow_url_include is turned on.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xmlsitemapgenerator xml sitemap generator |