VYPR

XML Sitemap & Google News plugin

by WordPress

CVEs (2)

  • CVE-2024-4441HigMay 14, 2024
    risk 0.53cvss 8.1epss 0.01

    The XML Sitemap & Google News plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.4.8 via the 'feed' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the…

  • CVE-2025-48304HigAug 28, 2025
    risk 0.46cvss 7.1epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Gary Illyes Google XML News Sitemap plugin gn-xml-sitemap allows Stored XSS.This issue affects Google XML News Sitemap plugin: from n/a through <= 0.02.