VYPR

XML Sitemap Feed

by WordPress

CVEs (1)

  • CVE-2024-4441HigMay 14, 2024
    risk 0.53cvss 8.1epss 0.01

    The XML Sitemap & Google News plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.4.8 via the 'feed' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the…