cleantalk
Vulnerabilities and Security Researches

XML Sitemap Generator for Google, CVE-2021-25088

CVE, Research URL

CVE-2021-25088

Home page URL

Security reports for XML Sitemap Generator for Google

Application

XML Sitemap Generator for Google

Published on
Jun 20, 2022
Research Description
The XML Sitemaps WordPress plugin before 4.1.3 does not sanitise and escape a settings before outputting it in the Debug page, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Affected versions
Min -, max 4.1.3.
Status
vulnerable
Previous vulnerability researches
XML Sitemap Generator for Google , Jan 08, 2025
XML Sitemap Generator for Google (CVE-2021-25088) , Jun 07, 2024
XML Sitemap Generator for Google (CVE-2018-16204) , Jun 07, 2024
New vulnerability
Aviation Weather from NOAA (CVE-2025-28980) , Jul 04, 2025
WP Map Block – Gutenberg Map Block for Google Map and OpenStreet Map (CVE-2025-5194) , Jul 04, 2025
Amazon Products to WooCommerce (CVE-2025-5817) , Jul 04, 2025
WP-Recall – Registration, Profile, Commerce & More (CVE-2025-49991) , Jul 04, 2025
WP-Recall – Registration, Profile, Commerce & More (CVE-2025-52796) , Jul 04, 2025