The Digihood HTML Sitemap plugin for WordPress has a security issue where malicious code can be injected through the ‘channel’ parameter. This could happen if a user clicks on a link, allowing attackers to execute their own code on the page. This vulnerability affects all versions up to 3.1.1 and can be exploited by anyone, even without authentication.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
