CVE-2022-1216

Name of the Vulnerable Software and Affected Versions Advanced Image Sitemap WordPress plugin versions 1.2 and earlier

Description The issue is related to Reflected Cross-Site Scripting. It occurs because the PHP SELF PHP variable is not properly sanitised and escaped before being outputted in an attribute on an admin page. This allows for malicious scripts to be reflected back to the user, potentially leading to security issues.

Recommendations For Advanced Image Sitemap WordPress plugin versions 1.2 and earlier, consider updating to a version where this issue is fixed, as the current version does not properly sanitise the PHP SELF variable. At the moment, there is no information about a newer version that contains a fix for this vulnerability.