Sitemap Project Sitemap — known CVE vulnerabilities
Every CVE whose affected-product data names Sitemap Project Sitemap, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2021-24192 — CVSS 8.8 (high): Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Tree Sitemap WordPress plugin before 2.9, to…
CVE-2022-0952 — CVSS 8.8 (high): The Sitemap by click5 WordPress plugin before 1.0.36 does not have authorisation and CSRF checks when updating options via a REST endpoint…
CVE-2022-4545 — CVSS 5.4 (medium): The Sitemap WordPress plugin before 4.4 does not validate and escape some of its shortcode attributes before outputting them back in the…