5 matches found
WordPress Translatepress Multilinugal plugin < 2.3.3 - Authenticated SQL Injection Vulnerability
Exploit Title: Translatepress Multilinugal WordPress plugin 2.3.3 - Authenticated SQL Injection Exploit Author: Elias Hohl Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Version: 2.3.3 Tested on: Ubuntu 20.04 CVE :...
WordPress Translatepress Multilingual SQL Injection
Exploit Title: Translatepress Multilinugal WordPress plugin 2.3.3 - Authenticated SQL Injection Exploit Author: Elias Hohl Date: 2022-07-23 Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Version: 2.3.3 Tested on: Ubuntu 20.04...
CVE-2022-3141
creationtimestamp| type| source ---|---|--- 2022-09-19 18:38:03+00:00| seen| https://t.me/cibsecurity/50035 2023-03-25 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/51043...
CVE-2022-3141 Translatepress Multilinugal < 2.3.3 - Admin+ SQLi
The Translate Multilingual sites WordPress plugin before 2.3.3 is vulnerable to an authenticated SQL injection. By adding a new language via the settings page containing specific special characters, the backticks in the SQL query can be surpassed and a time-based blind payload can be injected...
CVE-2022-3141
CVE-2022-3141 concerns the WordPress TranslatePress (Translate Multilingual) plugin, affected versions before 2.3.3. An authenticated attacker can inject a time-based blind payload via a crafted language entry, bypassing backticks in SQL queries. This yields a high-impact SQL injection vulnerabil...