CVE-2022-0765

creationtimestamp| type| source ---|---|--- 2022-04-18 22:23:47+00:00| seen| https://t.me/cibsecurity/41061 2025-12-24 21:02:55+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mar5xyy4qq2f...

CVE-2022-0765 Loco Translate < 2.6.1 - Authenticated Stored Cross-Site Scripting

The Loco Translate WordPress plugin before 2.6.1 does not properly remove inline events from elements in the source translation strings before outputting them in the editor in the plugin admin panel, allowing any user with access to the plugin Translator and Administrator by default to add...

CVE-2022-0765

CVE-2022-0765 affects the WordPress Loco Translate plugin prior to version 2.6.1. A stored XSS exists because the plugin does not properly remove inline events from source translation strings before output in the editor, allowing authenticated users (Translator/Administrator by default) to inject...

SUSE: Security Advisory (SUSE-SU-2022:0765-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...