RSS   Vulnerabilities for 'Advanced image sitemap'   RSS

2022-05-16
 
CVE-2022-1216

CWE-79
 

 
The Advanced Image Sitemap WordPress plugin through 1.2 does not sanitise and escape the PHP_SELF PHP variable before outputting it back in an attribute in an admin page, leading to Reflected Cross-Site Scripting.

 


Copyright 2022, cxsecurity.com

 

Back to Top