Lucene search
K

6 matches found

Nuclei
Nuclei
added yesterday17 views

Transposh WordPress Translation <= 1.0.8 - Unauthenticated Settings Change

The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient permissions checking on the 'tptranslation' AJAX action and default settings which makes it possib...

5.3CVSS6.7AI score0.03644EPSS
Exploits6References4
Circl
Circl
added 2025/09/16 5:39 a.m.12 views

CVE-2022-2461

creationtimestamp| type| source ---|---|--- 2025-09-16 05:39:12+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2022/CVE-2022-2461.yaml 2025-09-17 21:02:37+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lz2qayx6up25...

5.3CVSS6.2AI score0.03644EPSS
Exploits6References2
Prion
Prion
added 2022/12/15 7:15 p.m.24 views

Input validation

The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient validation of settings on the 'tptranslation' AJAX action which makes it possible for...

5CVSS5.5AI score0.03644EPSS
Exploits9References7Affected Software1
CVE
CVE
added 2022/09/06 5:18 p.m.90 views

CVE-2022-2461

The Transposh WordPress Translation plugin is affected by CVE-2022-2461. Affected software: Transposh WordPress Translation plugin for WordPress. Vulnerable component: the tp_translation AJAX action, due to insufficient permissions checking. Root cause: unauthenticated users can trigger unauthori...

5.3CVSS6.7AI score0.03644EPSS
Exploits6References6Affected Software1
0day.today
0day.today
added 2022/07/31 12:0 a.m.271 views

Transposh WordPress Translation 1.0.7 Cross Site Scripting Vulnerability

Transposh WordPress Translation versions 1.0.7 and below have an ajax action "tptranslation" which is available to authenticated or unauthenticated users see CVE-2022-2461 that allows them to submit new translations. Translations submitted this way are shown on the Transposh administrative...

5.4CVSS0.03644EPSS
Exploits7
Packet Storm
Packet Storm
added 2022/07/29 12:0 a.m.273 views

Transposh WordPress Translation 1.0.7 Incorrect Authorization

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Transposh WordPress Translation Vendor URL: https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/ Type: Incorrect Authorization CWE-863 Date found: 2022-07-13 Date...

0.9AI score0.03644EPSS
Exploits6
Rows per page
Query Builder