VYPR

XML for Google Merchant Center

by WordPress

CVEs (2)

  • CVE-2023-30877HigAug 17, 2023
    risk 0.46cvss 7.1epss 0.00

    Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Maxim Glazunov XML for Google Merchant Center plugin <= 3.0.1 versions.

  • CVE-2024-13406MedJan 22, 2025
    risk 0.40cvss 6.1epss 0.00

    The XML for Google Merchant Center plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'feed_id' parameter in all versions up to, and including, 3.0.11 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated…