Lucene search
K

48 matches found

CNNVD
CNNVD
added 2025/03/27 12:0 a.m.5 views

WordPress plugin TranslatePress 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

7.2CVSS8.7AI score0.00746EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/03/27 12:0 a.m.5 views

PT-2025-13059 · Cozmoslabs · Cozmoslabs Translatepress

Name of the Vulnerable Software and Affected Versions: Cozmoslabs TranslatePress versions 2.9.6 and earlier Description: The issue is related to the deserialization of untrusted data, which allows object injection. This is a problem that affects the functionality of the software, potentially...

7.2CVSS9.4AI score0.00746EPSS
Exploits0References6
NVD
NVD
added 2024/05/14 3:39 p.m.20 views

CVE-2024-34827

Cross-Site Request Forgery CSRF vulnerability in Cozmoslabs, Razvan Mocanu, Madalin Ungureanu, Cristophor Hurduban TranslatePress.This issue affects TranslatePress: from n/a through 2.7.5...

4.3CVSS5AI score0.00249EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.4 views

WordPress plugin TranslatePress 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. WordPress plugin...

4.3CVSS6.5AI score0.00249EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/05/10 8:18 a.m.16 views

CVE-2024-34827 WordPress Translate Multilingual sites – TranslatePress plugin <= 2.7.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Cozmoslabs, Razvan Mocanu, Madalin Ungureanu, Cristophor Hurduban TranslatePress.This issue affects TranslatePress: from n/a through 2.7.5...

4.3CVSS7AI score0.00249EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/10 8:18 a.m.24 views

CVE-2024-34827 WordPress Translate Multilingual sites – TranslatePress plugin <= 2.7.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Cozmoslabs, Razvan Mocanu, Madalin Ungureanu, Cristophor Hurduban TranslatePress.This issue affects TranslatePress: from n/a through 2.7.5...

4.3CVSS5.9AI score0.00249EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/10 12:0 a.m.8 views

PT-2024-26224 · WordPress · Translatepress

Name of the Vulnerable Software and Affected Versions: TranslatePress versions 2.7.5 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application. The estimated number of...

4.3CVSS7.3AI score0.00249EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/05/09 2:2 p.m.5 views

WordPress Translate Multilingual sites – TranslatePress plugin <= 2.7.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin TranslatePress versions = 2.7.5...

4.3CVSS7AI score0.00249EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/05/09 12:0 a.m.10 views

WordPress TranslatePress Plugin <= 2.7.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software TranslatePress Type Plugin Vulnerable versions = 2.7.5 Fixed in 2.7.6 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-34827 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 201789e48743 Credits Dhabaleshwar Das...

4.3CVSS6.7AI score0.00249EPSS
Exploits0References2Affected Software1
0day.today
0day.today
added 2023/03/27 12:0 a.m.311 views

WordPress Translatepress Multilinugal plugin < 2.3.3 - Authenticated SQL Injection Vulnerability

Exploit Title: Translatepress Multilinugal WordPress plugin 2.3.3 - Authenticated SQL Injection Exploit Author: Elias Hohl Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Version: 2.3.3 Tested on: Ubuntu 20.04 CVE :...

8.8CVSS8.8AI score0.03851EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/03/27 12:0 a.m.232 views

WordPress Translatepress Multilingual SQL Injection

Exploit Title: Translatepress Multilinugal WordPress plugin 2.3.3 - Authenticated SQL Injection Exploit Author: Elias Hohl Date: 2022-07-23 Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Version: 2.3.3 Tested on: Ubuntu 20.04...

8.8CVSS8.8AI score0.03851EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/03/25 12:0 a.m.244 views

Translatepress Multilinugal WordPress plugin &lt; 2.3.3 - Authenticated SQL Injection

Exploit Title: Translatepress Multilinugal WordPress plugin 2.3.3 - Authenticated SQL Injection Exploit Author: Elias Hohl Date: 2022-07-23 Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Version: 2.3.3 Tested on: Ubuntu 20.04...

8.8CVSS8.8AI score0.03851EPSS
Exploits5
CNNVD
CNNVD
added 2022/09/19 12:0 a.m.8 views

WordPress plugin Translatepress Multilinugal SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Translatepress...

8.8CVSS8.1AI score0.03851EPSS
Exploits5References5
Patchstack
Patchstack
added 2022/07/23 12:0 a.m.26 views

WordPress TranslatePress plugin <= 2.3.2 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection SQLi vulnerability discovered by Elias Hohl in WordPress TranslatePress plugin versions = 2.3.2. Solution Update the WordPress TranslatePress plugin to the latest available version at least 2.3.3...

8.8CVSS2.9AI score0.03851EPSS
Exploits5References1Affected Software1
wpexploit
wpexploit
added 2022/07/23 12:0 a.m.148 views

Translatepress Multilinugal < 2.3.3 - Admin+ SQLi

The plugin is vulnerable to an authenticated SQL injection. By adding a new language via the settings page containing specific special characters, the backticks in the SQL query can be surpassed and a time-based blind payload can be injected. To exploit the vulnerability, someone must send a...

8.8CVSS1AI score0.03851EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2021/10/29 12:0 a.m.20 views

WordPress TranslatePress Plugin < 2.0.9 XSS Vulnerability

The WordPress plugin Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

4.8CVSS6.9AI score0.05432EPSS
Exploits5References2
0day.today
0day.today
added 2021/09/28 12:0 a.m.202 views

WordPress TranslatePress 2.0.8 Plugin - Stored Cross-Site Scripting Vulnerability

Exploit Title: WordPress Plugin TranslatePress 2.0.8 - Stored Cross-Site Scripting XSS Authenticated Exploit Author: Nosa Shandy Apapedulimu Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Reference:...

4.8CVSS5.2AI score0.05432EPSS
Exploits5
Packet Storm
Packet Storm
added 2021/09/28 12:0 a.m.227 views

WordPress TranslatePress 2.0.8 Cross Site Scripting

Exploit Title: WordPress Plugin TranslatePress 2.0.8 - Stored Cross-Site Scripting XSS Authenticated Date: 06-08-2021 Exploit Author: Nosa Shandy Apapedulimu Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Reference:...

5.1AI score0.05432EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/09/28 12:0 a.m.207 views

WordPress Plugin TranslatePress 2.0.8 - Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: WordPress Plugin TranslatePress 2.0.8 - Stored Cross-Site Scripting XSS Authenticated Date: 06-08-2021 Exploit Author: Nosa Shandy Apapedulimu Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Reference:...

4.8CVSS5.1AI score0.05432EPSS
Exploits5
OSV
OSV
added 2021/09/27 4:15 p.m.4 views

CVE-2021-24610

The TranslatePress WordPress plugin before 2.0.9 does not implement a proper sanitisation on the translated strings. The 'trpsanitizestring' function only removes script tag with a regex, still allowing other HTML tags and attributes to execute javascript, which could lead to authenticated Stored...

4.8CVSS5.9AI score0.05432EPSS
Exploits5References2
Rows per page
Query Builder