CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-36912 – Andrea Pernici News Sitemap for Google plugin <= 1.0.16 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2021-36912
Stored Cross-Site Scripting (XSS) vulnerability in Andrea Pernici News Sitemap for Google plugin <= 1.0.16 on WordPress, attackers must have contributor or higher user role. Una vulnerabilidad de tipo Cross-Site Scripting (XSS) almacenado en el plugin Andrea Pernici News Sitemap for Google versiones anteriores a 1.0.16 incluyéndola en WordPress, los atacantes deben tener el rol de usuario contributor o superior • https://patchstack.com/database/vulnerability/google-news-sitemap/wordpress-andrea-pernici-news-sitemap-for-google-plugin-1-0-16-authenticated-stored-cross-site-scripting-xss-vulnerability https://wordpress.org/plugins/google-news-sitemap • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2014-6240
https://notcve.org/view.php?id=CVE-2014-6240
Cross-site scripting (XSS) vulnerability in the Google Sitemap (weeaar_googlesitemap) extension 0.4.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en la extensión Google Sitemap (weeaar_googlesitemap) 0.4.3 y anteriores para TYPO3 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010 http://www.securityfocus.com/bid/69571 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •