Google XML News Sitemap

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2025-48304	Gary Illyes Google XML News Sitemap	Hig	0.46	7.1	0.00		Aug 28, 2025	Cross-Site Request Forgery (CSRF) vulnerability in Gary Illyes Google XML News Sitemap plugin gn-xml-sitemap allows Stored XSS.This issue affects Google XML News Sitemap plugin: from n/a through <= 0.02.
CVE-2021-36912	Gary Illyes Google XML News Sitemap		0.00	—	0.01		May 6, 2022	Stored Cross-Site Scripting (XSS) vulnerability in Andrea Pernici News Sitemap for Google plugin <= 1.0.16 on WordPress, attackers must have contributor or higher user role.

CVE-2025-48304HigAug 28, 2025
Gary Illyes
Google XML News Sitemap
risk 0.46cvss 7.1epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Gary Illyes Google XML News Sitemap plugin gn-xml-sitemap allows Stored XSS.This issue affects Google XML News Sitemap plugin: from n/a through <= 0.02.
CVE-2021-36912May 6, 2022
Gary Illyes
Google XML News Sitemap
risk 0.00cvss —epss 0.01
Stored Cross-Site Scripting (XSS) vulnerability in Andrea Pernici News Sitemap for Google plugin <= 1.0.16 on WordPress, attackers must have contributor or higher user role.