WordPress Prisna GWT plugin < 1.4.14 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Prisna GWT – Google Website Translator versions 1.4.14...

CVE-2024-8514

The Prisna GWT – Google Website Translator plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.11 via deserialization of untrusted input from the 'prisnaimport' parameter. This makes it possible for authenticated attackers, with Administrator-level...

CVE-2024-8514 Prisna GWT - Google Website Translator <= 1.4.11 - Authenticated (Admin+) PHP Object Injection

The Prisna GWT – Google Website Translator plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.11 via deserialization of untrusted input from the 'prisnaimport' parameter. This makes it possible for authenticated attackers, with Administrator-level...

CVE-2024-8514 Prisna GWT - Google Website Translator <= 1.4.11 - Authenticated (Admin+) PHP Object Injection

The Prisna GWT – Google Website Translator plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.11 via deserialization of untrusted input from the 'prisnaimport' parameter. This makes it possible for authenticated attackers, with Administrator-level...

WordPress Prisna GWT – Google Website Translator Plugin <= 1.4.11 is vulnerable to PHP Object Injection

Software Prisna GWT – Google Website Translator Type Plugin Vulnerable versions = 1.4.11 Fixed in 1.4.12 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-8514 Patch priority Low CVSS severity Low 7.2 Developer Claim ownership PSID 96a1cccedfb0 Credits Lesor101 Required...