CVE-2023-1780
10.07.2023, 16:15
The Companion Sitemap Generator WordPress plugin before 4.5.3 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
| Vendor | Product | Version |
|---|---|---|
| codeermeneer | companion_sitemap_generator | 𝑥 < 4.5.3 |
𝑥
= Vulnerable software versions