WordPress plugin Falang multilanguage 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

CVE-2024-55999 WordPress XML Multilanguage Sitemap Generator plugin <= 2.0.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Marco Giannini XML Multilanguage Sitemap Generator xml-multilanguage-sitemap-generator.This issue affects XML Multilanguage Sitemap Generator: from n/a through = 2.0.6...

PT-2024-17376 · WordPress · Quran Multilanguage Text & Audio

Name of the Vulnerable Software and Affected Versions: The Quran multilanguage Text & Audio plugin for WordPress versions prior to 2.3.22 Description: The issue is related to Reflected Cross-Site Scripting via the sourate and lang parameters due to insufficient input sanitization and output...

WordPress Quran multilanguage Text & Audio plugin <= 2.3.21 - Reflected Cross-Site Scripting via sourate and lang Parameters vulnerability

Reflected Cross-Site Scripting via sourate and lang Parameters vulnerability discovered by vgo0 in WordPress Plugin Quran multilanguage Text & Audio versions = 2.3.21...

WordPress Falang multilanguage Plugin <= 1.3.52 is vulnerable to Broken Access Control

Software Falang multilanguage Type Plugin Vulnerable versions = 1.3.52 Fixed in 1.3.53 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-6869 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 001e21802ca4 Credits Lucio Sá Required...

PT-2024-37916 · WordPress · Falang Multilanguage For Wordpress

Name of the Vulnerable Software and Affected Versions: Falang multilanguage for WordPress plugin versions up to, and including, 1.3.52 Description: The issue allows authenticated attackers with Subscriber-level access and above to update and delete translations and expose the administrator email...

WordPress Falang multilanguage for WordPress plugin <= 1.3.51 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Falang multilanguage versions = 1.3.51...

WordPress Falang multilanguage Plugin <= 1.3.51 is vulnerable to Cross Site Request Forgery (CSRF)

Software Falang multilanguage Type Plugin Vulnerable versions = 1.3.51 Fixed in 1.3.52 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-37240 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 118e700fa296 Credits Dhabaleshwar...

WordPress plugin Falang multilanguage 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-4417

CVE-2024-4417 is for Falang multilanguage for WordPress. The vulnerability is a Stored Cross-Site Scripting via admin settings in Falang versions ≤ 1.3.49, caused by insufficient input sanitization and output escaping. It affects multisite setups and installations where unfiltered_html is disable...

CVE-2024-4417 Falang multilanguage for WordPress <= 1.3.49 - Authenticated (Administrator+) Stored Cross-Site Scripting

The Falang multilanguage for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.3.49 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress Falang multilanguage for WordPress plugin <= 1.3.49 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Benedictus Jovan aillesiM in WordPress Plugin Falang multilanguage versions = 1.3.49...

WordPress Falang multilanguage Plugin <= 1.3.49 is vulnerable to Cross Site Scripting (XSS)

Software Falang multilanguage Type Plugin Vulnerable versions = 1.3.49 Fixed in 1.3.50 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4417 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID f66544b43c9b Credits Benedictus Jovan...

CVE-2024-30495

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Faboba Falang multilanguage.This issue affects Falang multilanguage: from n/a through 1.3.47...

CVE-2024-30495

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Faboba Falang multilanguage.This issue affects Falang multilanguage: from n/a through 1.3.47...

CVE-2024-30495 WordPress Falang multilanguage for WordPress plugin <= 1.3.47 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Faboba Falang multilanguage.This issue affects Falang multilanguage: from n/a through 1.3.47...

CVE-2024-30495

CVE-2024-30495 is a SQL Injection in Falang multilanguage for WordPress (Falang plugin) affecting versions up to 1.3.47. The issue is an SQL injection via improper neutralization of input in Falang’s language handling. The Red Hat/WordPress ecosystem records this as patched; mitigation is to appl...

WordPress Plugin Falang multilanguage for WordPress SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Falang multilanguage for...

PT-2024-23421 · Falang · Falang

Name of the Vulnerable Software and Affected Versions: Falang multilanguage versions 1.3.47 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation by injectin...

WordPress Falang multilanguage Plugin <= 1.3.47 is vulnerable to SQL Injection

Software Falang multilanguage Type Plugin Vulnerable versions = 1.3.47 Fixed in 1.3.48 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-30495 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 420627fa8863 Credits Jean Tirstan T Required privilege...