CVE-2024-2124

The Translate WordPress and go Multilingual – Weglot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget/block in all versions up to, and including, 4.2.5 due to insufficient input sanitization and output escaping on user supplied attributes such as...

CVE-2025-10008

The Translate WordPress and go Multilingual – Weglot plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'cleanoptions' function in all versions up to, and including, 5.1. This makes it possible for unauthenticated attackers to delete limited...

CVE-2025-10008

CVE-2025-10008 affects Translate WordPress and go Multilingual – Weglot plugin for WordPress. Root cause: missing capability check in clean_options, allowing unauthenticated deletion of limited transients (cached plugin options) in all versions up to and including 5.1. Impact: unauthorized data l...

EUVD-2024-27088

Malicious code in bioql PyPI...

CVE-2024-2124

The Translate WordPress and go Multilingual – Weglot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget/block in all versions up to, and including, 4.2.5 due to insufficient input sanitization and output escaping on user supplied attributes such as...

CVE-2024-2124 Translate WordPress and go Multilingual – Weglot <= 4.2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block Attributes

The Translate WordPress and go Multilingual – Weglot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget/block in all versions up to, and including, 4.2.5 due to insufficient input sanitization and output escaping on user supplied attributes such as...

CVE-2024-2124

The Translate WordPress and go Multilingual – Weglot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget/block in all versions up to, and including, 4.2.5 due to insufficient input sanitization and output escaping on user supplied attributes such as...

CVE-2024-2124

CVE-2024-2124 (Weglot for WordPress) : Stored XSS in Translate WordPress and go Multilingual – Weglot due to insufficient input sanitization and output escaping on widget/block attributes (e.g., className). Affected versions: up to and including 4.2.5. Exploitation requires authenticated access a...

WordPress Plugin Weglot Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...