WordPress Plugin Vulnerabilities

Google XML Sitemaps <= 4.0.8 - Authenticated Reflected XSS (via HOST header)

Description

The plugin contains a Paypal donate button that is echoing the global variable HTTP_HOST, which can be manipulated by the visitor.

Vulnerable Code:

sitemap-ui.php L1310
echo 'http://' . $_SERVER['HTTP_HOST']...

Affects Plugins

google-sitemap-generator

Fixed in version 4.0.9

References

URL

https://plugins.trac.wordpress.org/browser/google-sitemap-generator/trunk/sitemap-ui.php#L1310

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

Miscellaneous

Submitter

Gerard Arall

Verified

WPVDB ID

83d46f91-314f-40a7-aa51-18426b2a2fa1

Timeline

Publicly Published

2017-03-01 (about 5 years ago)

Added

2017-03-03 (about 5 years ago)

Last Updated

2017-07-26 (about 5 years ago)

Our Other Services

WPScan WordPress Security Plugin