48 matches found
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in WPML Multilingual CMS premium plugin = 4.5.13 on WordPress...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in WPML Multilingual CMS premium plugin = 4.5.13 on WordPress...
Improper access control
Broken Access Control vulnerability in WPML Multilingual CMS premium plugin = 4.5.10 on WordPress allows users with a subscriber or higher user role to change plugin settings selected language for legacy widgets, the default behavior for media content...
CVE-2022-38461 WordPress WPML Multilingual CMS premium plugin <= 4.5.10 - Broken Access Control vulnerability
Broken Access Control vulnerability in WPML Multilingual CMS premium plugin = 4.5.10 on WordPress allows users with a subscriber or higher user role to change plugin settings selected language for legacy widgets, the default behavior for media content...
CVE-2022-38461
The CVE-2022-38461 entry affects the WPML Multilingual CMS premium plugin for WordPress (versions
CVE-2022-45071 WordPress WPML Multilingual CMS premium plugin <= 4.5.13 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in WPML Multilingual CMS premium plugin = 4.5.13 on WordPress...
CVE-2022-45071
The CVE-2022-45071 entry describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress WPML Multilingual CMS premium plugin up to version 4.5.13. The root cause identified across multiple sources is missing CSRF protections in certain areas (e.g., actions like translation-job statu...
CVE-2022-45071 WordPress WPML Multilingual CMS premium plugin <= 4.5.13 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in WPML Multilingual CMS premium plugin = 4.5.13 on WordPress...
CVE-2022-45072
CVE-2022-45072 affects WPML Multilingual CMS premium plugin
WordPress plugin Multilingual CMS 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin Multilingual CMS 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2022-27400 · WordPress · Wpml Multilingual Cms
Name of the Vulnerable Software and Affected Versions: WPML Multilingual CMS premium plugin versions = 4.5.13 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the user is...
WordPress WPML Multilingual CMS premium plugin <= 4.5.13 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability leading to status change of translation job discovered by Dave Jong Patchstack in WordPress WPML Multilingual CMS premium plugin versions = 4.5.13. Solution Update the WordPress Multilingual CMS plugin to the latest available version at least 4.5.14...
WordPress WPML Multilingual CMS premium plugin <= 4.5.10 - Broken Access Control vulnerability
Broken Access Control vulnerability leading to status change of translation job discovered by Dave Jong Patchstack in the WordPress WPML Multilingual CMS premium plugin versions = 4.5.10. Solution Update the WordPress Multilingual CMS plugin to the latest available version at least 4.5.11...
WordPress WPML Multilingual CMS premium plugin <= 4.5.10 - Broken Access Control vulnerability
Broken Access Control vulnerability leading to plugin settings change selected language for legacy widgets can be changed, and default behavior for media content can be changed discovered by Dave Jong in WordPress WPML Multilingual CMS premium plugin versions = 4.5.10. Solution Update the WordPre...
WordPress WPML Multilingual CMS premium plugin <= 4.5.13 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability discovered by Dave Jong Patchstack in WordPress WPML Multilingual CMS premium plugin versions = 4.5.13 Solution Update the WordPress Multilingual CMS plugin to the latest available version at least 4.5.14...
WordPress sitepress-multilingual-cms cross-site request forgery vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. sitepress-multilingual-cms WPML plugin is a website multilingual support plugin used in it. A cross-site request forgery vulnerability...
CVE-2020-10568
The sitepress-multilingual-cms WPML plugin before 4.3.7-b.2 for WordPress has CSRF due to a loose comparison. This leads to remote code execution in includes/class-wp-installer.php via a series of requests that leverage unintended comparisons of integers to strings...
CVE-2020-10568
The sitepress-multilingual-cms WPML plugin before 4.3.7-b.2 for WordPress has CSRF due to a loose comparison. This leads to remote code execution in includes/class-wp-installer.php via a series of requests that leverage unintended comparisons of integers to strings...
CVE-2020-10568
The sitepress-multilingual-cms WPML plugin before 4.3.7-b.2 for WordPress has CSRF due to a loose comparison. This leads to remote code execution in includes/class-wp-installer.php via a series of requests that leverage unintended comparisons of integers to strings...