CVE-2025-27318

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Feb 24, 2025

CWE ID 352

Summary

CVE-2025-27318 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the ixiter Simple Google Sitemap plugin. This issue enables malicious actors to manipulate a user's session and make unintended actions on the user's behalf, such as modifying or deleting data, by tricking them into clicking a specially crafted link. The vulnerability affects versions of Simple Google Sitemap from n/a through 1.6. Users are advised to update to the latest version of the plugin or disable it until a patch is available to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3lzADG
https://www.cve.org/CVERecord?id=CVE-2025-27318
https://nvd.nist.gov/vuln/detail/CVE-2025-27318

Back to Vulnerability Database

CVE-2025-27318

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations