Vulnerability CVE-2022-36404


Published: 2022-11-03

Description:
Auth. (subscriber+) Broken Access Control vulnerability in David Cole Simple SEO plugin <= 1.8.12 on WordPress allows attackers to create or delete sitemap.

 References:
https://wordpress.org/plugins/cds-simple-seo/#developers
https://patchstack.com/database/vulnerability/cds-simple-seo/wordpress-simple-seo-plugin-1-8-12-authenticated-sitemap-deletion-creation-vulnerability?_s_id=cve

Copyright 2026, cxsecurity.com

 

Back to Top