daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2022-0346.yaml

patch-1
Ritik Chaddha 2022-11-14 13:26:06 +05:30 committed by GitHub
parent 5885e9ac0d
commit cc5dddac3f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
cves/2022/CVE-2022-0346.yaml
View File

@ -2,7 +2,7 @@ id: CVE-2022-0346
info:
name: WordPress XML Sitemap Generator for Google <2.0.4 - Cross-Site Scripting
author: Akincibor, theamanrawat
author: Akincibor,theamanrawat
severity: medium
description: |
WordPress XML Sitemap Generator for Google plugin before 2.0.4 contains a vulnerability that can lead to cross-site scripting or remote code execution. It does not validate a parameter which can be set to an arbitrary value, thus causing cross-site scripting via error message or remote code execution if allow_url_include is turned on.
@ -16,8 +16,8 @@ info:
cve-id: CVE-2022-0346
cwe-id: CWE-79
metadata:
verified: "true"
tags: cve,cve2022,xss,wp,wordpress,wp-plugin,wpscan
verified: true
tags: cve,cve2022,wp,wordpress,wp-plugin,xss,www-xml-sitemap-generator-org
requests:
- method: GET
@ -38,4 +38,4 @@ requests:
- type: word
part: body_2
words:
- "2ef3baa95802a4b646f2fc29075efe34"
- "2ef3baa95802a4b646f2fc29075efe34"