Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:30 p.m.19 views

CVE-2022-2462

The Transposh WordPress Translation plugin for WordPress is vulnerable to sensitive information disclosure to unauthenticated users in versions up to, and including, 1.0.9.6. This is due to insufficient permissions checking on the 'tphistory' AJAX action and insufficient restriction on the data...

5.3CVSS6.6AI score0.0305EPSS
Exploits4References1
CVE
CVE
added 2022/09/06 5:18 p.m.89 views

CVE-2022-2462

The CVE-2022-2462 entry concerns the Transposh WordPress Translation plugin (versions up to and including 1.0.8.1). The vulnerability arises from insufficient permissions checking on the AJAX action tp_history and overly permissive data in the response, enabling unauthenticated disclosure of tran...

5.3CVSS6.6AI score0.0305EPSS
Exploits4References6Affected Software1
0day.today
0day.today
added 2022/07/31 12:0 a.m.250 views

Transposh WordPress Translation 1.0.8.1 Information Disclosure Vulnerability

Transposh WordPress Translation versions 1.0.8.1 and below have an ajax action called "tphistory" which is intended to return data about who has translated a text given by the "token" parameter. However, the plugin also returns the user's login name as part of the "userlogin" attribute. Successfu...

5.3CVSS5.2AI score0.0305EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/07/29 12:0 a.m.346 views

Transposh WordPress Translation 1.0.8.1 Information Disclosure

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Transposh WordPress Translation Vendor URL: https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/ Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200...

5.3AI score0.0305EPSS
Exploits4
Rows per page
Query Builder