WP-Safety

Sitemap by BestWebSoft – WordPress XML Site Map Page Generator Plugin Security & Risk Analysis

wordpress.org/plugins/google-sitemap-plugin

Generate and add XML sitemap to WordPress website. Help search engines index your blog.

20K active installs v3.3.5 PHP + WP 6.2+ Updated Dec 3, 2025
add-pages-to-sitemapadd-posts-to-sitemapadd-sitemapgooglegoogle-sitemap
100
A · Safe
CVEs total1
Unpatched0
Last CVEApr 12, 2017
Plugin page Download
Safety Verdict

Is Sitemap by BestWebSoft – WordPress XML Site Map Page Generator Plugin Safe to Use in 2026?

Generally Safe

Score 100/100

Sitemap by BestWebSoft – WordPress XML Site Map Page Generator Plugin has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Apr 12, 2017Updated 4mo ago
Risk Assessment

The "google-sitemap-plugin" v3.3.5 exhibits a generally good security posture with strong adherence to secure coding practices. The plugin demonstrates a high percentage of properly escaped outputs and a significant portion of SQL queries utilizing prepared statements. Furthermore, the presence of numerous nonce and capability checks suggests a conscious effort to protect against common WordPress attack vectors. The absence of any critical or high-severity taint flows and no currently unpatched CVEs are positive indicators.

Key Concerns

  • Use of unserialize() function
  • SQL queries not always using prepared statements
  • Known medium severity vulnerability in history
Vulnerabilities
1

Sitemap by BestWebSoft – WordPress XML Site Map Page Generator Plugin Security Vulnerabilities

CVEs by Year

1 CVE in 2017
2017
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

WF-e409a4af-9998-4b77-8f6b-50ae1b70da2d-google-sitemap-pluginmedium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Sitemap by BestWebSoft – WordPress XML Site Map Page Generator Plugin < 3.0.8 - Reflected Cross-Site Scripting

Apr 12, 2017 Patched in 3.0.8 (2477d)
Code Analysis
Analyzed Mar 16, 2026

Sitemap by BestWebSoft – WordPress XML Site Map Page Generator Plugin Code Analysis

Dangerous Functions
1
Raw SQL Queries
6
10 prepared
Unescaped Output
19
574 escaped
Nonce Checks
23
Capability Checks
3
File Operations
15
External Requests
8
Bundled Libraries
0

Dangerous Functions Found

unserialize$data = unserialize($data);google_api\Cache\File.php:75

SQL Query Safety

63% prepared16 total queries

Output Escaping

97% escaped593 total outputs
Data Flows
All sanitized

Data Flow Analysis

6 flows
bws_add_menu_render (bws_menu\bws_menu.php:18)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Sitemap by BestWebSoft – WordPress XML Site Map Page Generator Plugin Attack Surface

Entry Points2
Unprotected0

AJAX Handlers 2

authwp_ajax_bws_submit_request_feature_actionbws_menu\class-bws-settings.php:1466
authwp_ajax_bws_submit_uninstall_reason_actionbws_menu\deactivation-form.php:433
WordPress Hooks 43
filterload_textdomain_mofilebws_menu\bws_functions.php:43
filtermce_external_pluginsbws_menu\bws_functions.php:1146
filtermce_buttonsbws_menu\bws_functions.php:1147
actionadmin_initbws_menu\bws_functions.php:1433
actionadmin_enqueue_scriptsbws_menu\bws_functions.php:1434
actionadmin_headbws_menu\bws_functions.php:1435
actionadmin_footerbws_menu\bws_functions.php:1436
actionadmin_noticesbws_menu\bws_functions.php:1438
actionwp_enqueue_scriptsbws_menu\bws_functions.php:1440
filterrobots_txtgoogle-sitemap-plugin.php:125
actionwp_headgoogle-sitemap-plugin.php:184
actionembed_headgoogle-sitemap-plugin.php:185
actionadmin_menugoogle-sitemap-plugin.php:2777
actioninitgoogle-sitemap-plugin.php:2779
actionadmin_initgoogle-sitemap-plugin.php:2780
actionplugins_loadedgoogle-sitemap-plugin.php:2783
actionadmin_enqueue_scriptsgoogle-sitemap-plugin.php:2785
actiontransition_post_statusgoogle-sitemap-plugin.php:2787
actionsave_postgoogle-sitemap-plugin.php:2788
actiontrashed_postgoogle-sitemap-plugin.php:2789
actiongglstmp_sitemap_crongoogle-sitemap-plugin.php:2791
actiongglstmp_schedule_news_sitemapgoogle-sitemap-plugin.php:2792
actionpermalink_structure_changedgoogle-sitemap-plugin.php:2795
actioncreated_termgoogle-sitemap-plugin.php:2796
actionedited_termgoogle-sitemap-plugin.php:2797
actiondelete_termgoogle-sitemap-plugin.php:2798
filterrewrite_rules_arraygoogle-sitemap-plugin.php:2800
actionwp_headgoogle-sitemap-plugin.php:2802
filterplugin_action_linksgoogle-sitemap-plugin.php:2804
filterplugin_row_metagoogle-sitemap-plugin.php:2805
actionadmin_noticesgoogle-sitemap-plugin.php:2807
actionwpmu_new_bloggoogle-sitemap-plugin.php:2809
actionactivate_bloggoogle-sitemap-plugin.php:2810
actionmake_undelete_bloggoogle-sitemap-plugin.php:2811
actionunarchive_bloggoogle-sitemap-plugin.php:2812
actionmake_ham_bloggoogle-sitemap-plugin.php:2813
actiondelete_bloggoogle-sitemap-plugin.php:2815
actiondeactivate_bloggoogle-sitemap-plugin.php:2816
actionmake_delete_bloggoogle-sitemap-plugin.php:2817
actionarchive_bloggoogle-sitemap-plugin.php:2818
actionmake_spam_bloggoogle-sitemap-plugin.php:2819
actionadd_meta_boxesgoogle-sitemap-plugin.php:2822
actionsave_postgoogle-sitemap-plugin.php:2824

Scheduled Events 3

gglstmp_schedule_news_sitemap
gglstmp_sitemap_cron
gglstmp_sitemap_cron
Maintenance & Trust

Sitemap by BestWebSoft – WordPress XML Site Map Page Generator Plugin Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 3, 2025
PHP min version
Downloads2.2M

Community Trust

Rating86/100
Number of ratings114
Active installs20K
Alternatives

Sitemap by BestWebSoft – WordPress XML Site Map Page Generator Plugin Alternatives

Sitemap by click5

Sitemap by click5

sitemap-by-click5

A
85

Best WordPress Sitemap plugin to generate and customize HTML & XML sitemaps for your website.

6K 1 CVE
WP SEO HTML Sitemap

WP SEO HTML Sitemap

wp-seo-html-sitemap

A
85

A responsive HTML sitemap that uses all of the settings for your XML sitemap in the WordPress SEO by Yoast Plugin.

6K No CVEs
XML Sitemaps

XML Sitemaps

xml-sitemaps

A
85

Automatically generates XML Sitemaps for your site and notifies search engines when they're updated.

2K No CVEs
Youtube Video Sitemap generator

Youtube Video Sitemap generator

youtube-video-sitemap-generator

A
85

Scan your site for youtube links in both post content and meta tags and create a xml video sitemap file on the fly.

300 No CVEs
Custom Sitemap Generator

Custom Sitemap Generator

custom-sitemap-generator

A
100

The most powerful standalone XML sitemap generator for WordPress with support for all post types, taxonomies, authors, and advanced SEO features.

90 No CVEs
Developer Profile

Sitemap by BestWebSoft – WordPress XML Site Map Page Generator Plugin Developer Profile

bestwebsoft

17 plugins · 207K total installs

76
trust score
Avg Security Score
95/100
Avg Patch Time
1729 days
View full developer profile
Detection Fingerprints

How We Detect Sitemap by BestWebSoft – WordPress XML Site Map Page Generator Plugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/google-sitemap-plugin/bws_menu/css/bws_menu.css/wp-content/plugins/google-sitemap-plugin/css/gglstmp_admin.css/wp-content/plugins/google-sitemap-plugin/js/gglstmp_admin.js
Script Paths
/wp-content/plugins/google-sitemap-plugin/js/gglstmp_admin.js
Version Parameters
google-sitemap-plugin/css/gglstmp_admin.css?ver=google-sitemap-plugin/js/gglstmp_admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
gglstmp_robots_optionsgglstmp_options_tabs
Data Attributes
data-bws-custom-input
JS Globals
gglstmp_auth
FAQ

Frequently Asked Questions about Sitemap by BestWebSoft – WordPress XML Site Map Page Generator Plugin