48 matches found
WordPress plugin TranslatePress 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...
PT-2025-13059 · Cozmoslabs · Cozmoslabs Translatepress
Name of the Vulnerable Software and Affected Versions: Cozmoslabs TranslatePress versions 2.9.6 and earlier Description: The issue is related to the deserialization of untrusted data, which allows object injection. This is a problem that affects the functionality of the software, potentially...
CVE-2024-34827
Cross-Site Request Forgery CSRF vulnerability in Cozmoslabs, Razvan Mocanu, Madalin Ungureanu, Cristophor Hurduban TranslatePress.This issue affects TranslatePress: from n/a through 2.7.5...
WordPress plugin TranslatePress 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. WordPress plugin...
CVE-2024-34827 WordPress Translate Multilingual sites – TranslatePress plugin <= 2.7.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Cozmoslabs, Razvan Mocanu, Madalin Ungureanu, Cristophor Hurduban TranslatePress.This issue affects TranslatePress: from n/a through 2.7.5...
CVE-2024-34827 WordPress Translate Multilingual sites – TranslatePress plugin <= 2.7.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Cozmoslabs, Razvan Mocanu, Madalin Ungureanu, Cristophor Hurduban TranslatePress.This issue affects TranslatePress: from n/a through 2.7.5...
PT-2024-26224 · WordPress · Translatepress
Name of the Vulnerable Software and Affected Versions: TranslatePress versions 2.7.5 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application. The estimated number of...
WordPress Translate Multilingual sites – TranslatePress plugin <= 2.7.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin TranslatePress versions = 2.7.5...
WordPress TranslatePress Plugin <= 2.7.5 is vulnerable to Cross Site Request Forgery (CSRF)
Software TranslatePress Type Plugin Vulnerable versions = 2.7.5 Fixed in 2.7.6 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-34827 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 201789e48743 Credits Dhabaleshwar Das...
WordPress Translatepress Multilinugal plugin < 2.3.3 - Authenticated SQL Injection Vulnerability
Exploit Title: Translatepress Multilinugal WordPress plugin 2.3.3 - Authenticated SQL Injection Exploit Author: Elias Hohl Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Version: 2.3.3 Tested on: Ubuntu 20.04 CVE :...
WordPress Translatepress Multilingual SQL Injection
Exploit Title: Translatepress Multilinugal WordPress plugin 2.3.3 - Authenticated SQL Injection Exploit Author: Elias Hohl Date: 2022-07-23 Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Version: 2.3.3 Tested on: Ubuntu 20.04...
Translatepress Multilinugal WordPress plugin < 2.3.3 - Authenticated SQL Injection
Exploit Title: Translatepress Multilinugal WordPress plugin 2.3.3 - Authenticated SQL Injection Exploit Author: Elias Hohl Date: 2022-07-23 Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Version: 2.3.3 Tested on: Ubuntu 20.04...
WordPress plugin Translatepress Multilinugal SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Translatepress...
WordPress TranslatePress plugin <= 2.3.2 - Authenticated SQL Injection (SQLi) vulnerability
Authenticated SQL Injection SQLi vulnerability discovered by Elias Hohl in WordPress TranslatePress plugin versions = 2.3.2. Solution Update the WordPress TranslatePress plugin to the latest available version at least 2.3.3...
Translatepress Multilinugal < 2.3.3 - Admin+ SQLi
The plugin is vulnerable to an authenticated SQL injection. By adding a new language via the settings page containing specific special characters, the backticks in the SQL query can be surpassed and a time-based blind payload can be injected. To exploit the vulnerability, someone must send a...
WordPress TranslatePress Plugin < 2.0.9 XSS Vulnerability
The WordPress plugin Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...
WordPress TranslatePress 2.0.8 Plugin - Stored Cross-Site Scripting Vulnerability
Exploit Title: WordPress Plugin TranslatePress 2.0.8 - Stored Cross-Site Scripting XSS Authenticated Exploit Author: Nosa Shandy Apapedulimu Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Reference:...
WordPress TranslatePress 2.0.8 Cross Site Scripting
Exploit Title: WordPress Plugin TranslatePress 2.0.8 - Stored Cross-Site Scripting XSS Authenticated Date: 06-08-2021 Exploit Author: Nosa Shandy Apapedulimu Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Reference:...
WordPress Plugin TranslatePress 2.0.8 - Stored Cross-Site Scripting (XSS) (Authenticated)
Exploit Title: WordPress Plugin TranslatePress 2.0.8 - Stored Cross-Site Scripting XSS Authenticated Date: 06-08-2021 Exploit Author: Nosa Shandy Apapedulimu Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Reference:...
CVE-2021-24610
The TranslatePress WordPress plugin before 2.0.9 does not implement a proper sanitisation on the translated strings. The 'trpsanitizestring' function only removes script tag with a regex, still allowing other HTML tags and attributes to execute javascript, which could lead to authenticated Stored...