Lucene search
+L

5 matches found

patchstack
patchstack
added 2025/07/17 12:6 p.m.13 views

WordPress Transposh WordPress Translation plugin <= 1.0.7 - Reflected Cross-Site Scripting via tp_tp vulnerability

Reflected Cross-Site Scripting via tptp vulnerability discovered by Julien Ahrens in WordPress Plugin Transposh WordPress Translation versions = 1.0.7...

6.1CVSS6.2AI score0.01266EPSS
Exploits4References2Affected Software1
circl
circl
added 2023/04/27 9:58 a.m.11 views

CVE-2021-24910

creationtimestamp| type| source ---|---|--- 2023-04-27 09:58:59+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-24910.yaml...

6.1CVSS6.9AI score0.01266EPSS
Exploits4References1
cvelist
cvelist
added 2022/08/22 2:55 p.m.26 views

CVE-2021-24910 Transposh WordPress Translation < 1.0.8 - Reflected Cross-Site Scripting

The Transposh WordPress Translation WordPress plugin before 1.0.8 does not sanitise and escape the a parameter via an AJAX action available to both unauthenticated and authenticated users when the curl library is installed before outputting it back in the response, leading to a Reflected Cross-Si...

6.2AI score0.01266EPSS
Exploits4References1
cve
cve
added 2022/08/22 2:55 p.m.88 views

CVE-2021-24910

The CVE-2021-24910 entry concerns the WordPress plugin Transposh Translation (before 1.0.8). Affected component: the plugin’s AJAX action, which unsafely outputs the unescaped value of the a parameter back in the response. Root cause: insufficient sanitisation/escaping of user input in the tp_tp ...

6.1CVSS6.1AI score0.01266EPSS
Exploits4References1Affected Software1
zdt
zdt
added 2022/07/31 12:0 a.m.260 views

Transposh WordPress Translation 1.0.7 Cross Site Scripting Vulnerability (2)

Transposh WordPress Translation versions 1.0.7 and below have an ajax action "tptp" that is vulnerable to an unauthenticated/authenticated reflected cross site scripting vulnerability when user-supplied input to the HTTP GET parameter "q" is processed by the web application. Since the application...

6.1CVSS0.1AI score0.01266EPSS
Exploits4
Rows per page
Query Builder