[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":4,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":11,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":17,"vulnerability-23005":24},[],["Island",5],{"key":6,"params":7,"result":9},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":8},"{}",{"head":10},{},["Island",12],{"key":13,"params":14,"result":15},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":8},{"head":16},{},["Island",18],{"key":19,"params":20,"result":22},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":21},"{\"text-color\":\"gray\"}",{"head":23},{},{"id":25,"detectable_with":26,"vuln_details":33,"vuln_id":51,"name":52,"published":53,"updated":34},23005,{"tool":27,"engine":30},{"id":28,"name":29},1,"Network Scanner",{"id":31,"name":32},2,"Nuclei",{"id":25,"codename":34,"description":34,"severity":35,"risk_description":34,"public_description":36,"public_recommendation":37,"recommendation":34,"references":38,"cvssv3":44,"epss_score":45,"epss_percentile":46,"cve":47,"in_cisa_catalog":49,"date":50,"software_type":34,"vendor":34,"product":34,"ptt_exploit_capabilities":34},null,"high","WordPress Sitemap by click5 plugin before 1.0.36 is susceptible to missing authorization. The plugin does not have authorization or CSRF checks when updating options via a REST endpoint and does not ensure that the option to be updated belongs to the plugin. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.","Update to the latest version of the WordPress Sitemap plugin by click5 (1.0.36 or higher) to fix the missing authorization issue.",[39,40,41,42,43],"https://wpscan.com/vulnerability/0f694961-afab-44f9-846c-e80a0f6c768b","https://nvd.nist.gov/vuln/detail/CVE-2022-0952","https://github.com/ARPSyndicate/kenzer-templates","https://github.com/RandomRobbieBF/CVE-2022-0952","https://github.com/nomi-sec/PoC-in-GitHub",8.8,0.89187,0.9953,[48],"CVE-2022-0952",false,"2022-05-02T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2022-0952","WordPress Sitemap by click5 \u003C1.0.36 - Missing Authorization","2024-08-09T00:00:00Z"]