Vulners
Lucene search
CVE-2022-2461
🗓️ 06 Sep 2022 17:18:58Reported by WordfenceType 
cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 85 Views🌐 WEB
| Reporter | Title | Published | Views | Family All 22 |
|---|---|---|---|---|
 | Transposh WordPress Translation 1.0.7 Cross Site Scripting Vulnerability | 31 Jul 202200:00 | – | zdt |
| Transposh WordPress Translation 1.0.7 Incorrect Authorization Vulnerability | 31 Jul 202200:00 | – | zdt |
 | Exploit for Cross-site Scripting in Astaro Security_Gateway_Software | 30 Apr 201915:15 | – | githubexploit |
 | CVE-2022-2536 | 15 Dec 202219:15 | – | attackerkb |
| CVE-2022-2461 | 6 Sep 202218:15 | – | attackerkb |
 | CVE-2022-2461 | 16 Sep 202505:39 | – | circl |
 | WordPress plugin Transposh WordPress Translation 安全漏洞 | 29 Jul 202200:00 | – | cnnvd |
 | CVE-2022-2461 Transposh WordPress Translation <= 1.0.9.6 - Unauthorized Settings Change | 6 Sep 202217:18 | – | cvelist |
 | EUVD-2022-34722 | 7 Sep 202200:01 | – | euvd |
 | Transposh WordPress Translation <= 1.0.8 - Unauthenticated Settings Change | 24 Jun 202603:02 | – | nuclei |
10
Node
[
{
"vendor": "oferwald",
"product": "Transposh WordPress Translation",
"versions": [
{
"version": "0",
"status": "affected",
"lessThanOrEqual": "1.0.9.6",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| action | request body | /wp-admin/admin-ajax.php | Unauthenticated user can abuse tp_translation AJAX to add translations via admin-ajax.php, enabling unauthorized changes to site content. | CWE-862 |
| ln0 | request body | /wp-admin/admin-ajax.php | Unauthenticated user can abuse tp_translation AJAX to add translations via admin-ajax.php, enabling unauthorized changes to site content. | CWE-862 |
| sr0 | request body | /wp-admin/admin-ajax.php | Unauthenticated user can abuse tp_translation AJAX to add translations via admin-ajax.php, enabling unauthorized changes to site content. | CWE-862 |
| items | request body | /wp-admin/admin-ajax.php | Unauthenticated user can abuse tp_translation AJAX to add translations via admin-ajax.php, enabling unauthorized changes to site content. | CWE-862 |
| tk0 | request body | /wp-admin/admin-ajax.php | Unauthenticated user can abuse tp_translation AJAX to add translations via admin-ajax.php, enabling unauthorized changes to site content. | CWE-862 |
| tr0 | request body | /wp-admin/admin-ajax.php | Unauthenticated user can abuse tp_translation AJAX to add translations via admin-ajax.php, enabling unauthorized changes to site content. | CWE-862 |
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Jun 2026 04:41Current
6.7Medium risk
Vulners AI Score6.7
CVSS 3.15.3
EPSS0.03508
SSVC