CVE-2022-0346
published 2022-05-23CVE-2022-0346: The XML Sitemap Generator for Google WordPress plugin before 2.0.4 does not validate a parameter which can be set to an arbitrary value, thus causing XSS via…
PriorityP277medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
2.21%
80.3th percentile
The XML Sitemap Generator for Google WordPress plugin before 2.0.4 does not validate a parameter which can be set to an arbitrary value, thus causing XSS via error message or RCE if allow_url_include is turned on.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| xmlsitemapgenerator | xml_sitemap_generator | < 2.0.4 | 2.0.4 |
Detection & IOCsextracted from sources · hover to see the quote
hash2ef3baa95802a4b646f2fc29075efe34
other490a0046304402200124575cef49b079fcb7e2f6d0ad8fef4845ebe85dbc678b1fe131b422d61ea1022055c204c75c31b714f3a2b8f0f4f816dac254641997294050c7539fd7df0bd587:922c64590222798bb761d5b6d8e72950
- →Probe for XSS/RCE by detecting the error message 'Invalid Provider type specified' in the HTTP response body, which indicates an unsanitized parameter was reflected.
- →Detection rule uses a two-step match: first check for 'Invalid Provider type specified' in the response body, then confirm with the MD5 hash string '2ef3baa95802a4b646f2fc29075efe34' in a second body check — both conditions must be true.
- ·RCE is only exploitable when the PHP 'allow_url_include' directive is enabled on the target server; without it, impact is limited to XSS. ↗
- ·The vulnerability affects XML Sitemap Generator for Google WordPress plugin versions before 2.0.4; versions at or above 2.0.4 are patched. ↗
CVSS provenance
nvdv3.16.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
vulncheck6.1MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-rp7p-6rw5-m696: The XML Sitemap Generator for Google WordPress plugin before 2
ghsa_unreviewed·2022-05-24
CVE-2022-0346 [MEDIUM] CWE-79 GHSA-rp7p-6rw5-m696: The XML Sitemap Generator for Google WordPress plugin before 2
The XML Sitemap Generator for Google WordPress plugin before 2.0.4 does not validate a parameter which can be set to an arbitrary value, thus causing XSS via error message or RCE if allow_url_include is turned on.
VulnCheck
xmlsitemapgenerator xml_sitemap_generator Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
vulncheck·2022·CVSS 6.1
CVE-2022-0346 [MEDIUM] xmlsitemapgenerator xml_sitemap_generator Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
xmlsitemapgenerator xml_sitemap_generator Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The XML Sitemap Generator for Google WordPress plugin before 2.0.4 does not validate a parameter which can be set to an arbitrary value, thus causing XSS via error message or RCE if allow_url_include is turned on.
Affected: xmlsitemapgenerator xml_sitemap_generator
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-01-02&host_type=src&vulnerability=cve-2022-0346; https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-01-22&h
No detection rules found.
Nuclei
WordPress XML Sitemap Generator for Google <2.0.4 - Cross-Site Scripting/Remote Code Execution
nuclei·CVSS 6.1
CVE-2022-0346 [MEDIUM] WordPress XML Sitemap Generator for Google <2.0.4 - Cross-Site Scripting/Remote Code Execution
WordPress XML Sitemap Generator for Google "
- "Invalid Provider type specified"
condition: and
- type: word
part: body_2
words:
- "2ef3baa95802a4b646f2fc29075efe34"
# digest: 490a0046304402200124575cef49b079fcb7e2f6d0ad8fef4845ebe85dbc678b1fe131b422d61ea1022055c204c75c31b714f3a2b8f0f4f816dac254641997294050c7539fd7df0bd587:922c64590222798bb761d5b6d8e72950
2022-05-23
Published
Exploited in the wild