PT-2022-6789 · Click5 · Sitemap

Cydave · Published 2022-05-02 · Updated 2023-08-08 · CVE-2022-0952

CVSS v2.0: 10 (High) · Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Sitemap by click5 WordPress plugin, versions prior to 1.0.36

Description: The issue stems from the lack of authorization and CSRF checks when updating options via a REST endpoint, combined with the failure to verify that the option being updated belongs to the plugin. This allows unauthenticated attackers to change arbitrary blog options, such as "users can register" and "default role", enabling them to create a new administrator account and take over the blog.

Recommendations: For versions prior to 1.0.36, update to version 1.0.36 or later to resolve the issue. As a temporary workaround, restrict access to the REST endpoint used for updating options until the patch is applied, and restrict the ability to change blog options such as "users can register" and "default role" to authorized users only.
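The fix described above has two parts: the route must reject callers who are not allowed to manage options (which, together with WordPress's REST nonce handling, also closes the CSRF path), and it must only write options the plugin itself owns. The following is an added illustration of that pattern, not the Click5 Sitemap plugin's own code; the namespace `example-sitemap/v1`, the route, the callback name and the option names are hypothetical.

```php
<?php
// Added example, not the plugin's code: a REST route for plugin settings
// with the authorization check and option allow-list the advisory describes.
// Allow-list: only these plugin-owned options may be written via the route.
const EXAMPLE_PLUGIN_OPTIONS = array(
    'example_sitemap_enabled',
    'example_sitemap_exclude_ids',
);

add_action( 'rest_api_init', function () {
    register_rest_route( 'example-sitemap/v1', '/options', array(
        'methods'             => WP_REST_Server::EDITABLE,
        'callback'            => 'example_sitemap_update_option',
        // Authorization: anonymous callers are rejected. Cookie-authenticated
        // requests must also carry a valid X-WP-Nonce header or WordPress treats
        // them as unauthenticated, so this check also blocks CSRF.
        'permission_callback' => function () {
            return current_user_can( 'manage_options' );
        },
        'args' => array(
            'name' => array(
                'required'          => true,
                'type'              => 'string',
                'sanitize_callback' => 'sanitize_key',
                // Reject any option outside the plugin's allow-list before the callback runs.
                'validate_callback' => function ( $value ) {
                    return in_array( $value, EXAMPLE_PLUGIN_OPTIONS, true );
                },
            ),
            'value' => array(
                'required'          => true,
                'type'              => 'string',
                'sanitize_callback' => 'sanitize_text_field',
            ),
        ),
    ) );
} );

function example_sitemap_update_option( WP_REST_Request $request ) {
    $name = $request->get_param( 'name' );
    // Defence in depth: re-check the allow-list so a later change to the route
    // args cannot reopen writes to arbitrary options such as users_can_register.
    if ( ! in_array( $name, EXAMPLE_PLUGIN_OPTIONS, true ) ) {
        return new WP_Error( 'rest_forbidden_option', 'Option is not managed by this plugin.', array( 'status' => 403 ) );
    }
    update_option( $name, $request->get_param( 'value' ) );
    return rest_ensure_response( array( 'updated' => $name ) );
}
```

The same two checks apply to any plugin route that writes settings: a `permission_callback` bound to a real capability, and a fixed allow-list of option names instead of a caller-supplied one.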

Exploit · Fix

Weakness Enumeration: Missing Authorization, CSRF

Related Identifiers: BDU:2023-04702, CVE-2022-0952

Affected Products: Sitemap