2 matches found
CVE-2024-2124
The Translate WordPress and go Multilingual – Weglot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget/block in all versions up to, and including, 4.2.5 due to insufficient input sanitization and output escaping on user supplied attributes such as...
CVE-2024-2124
CVE-2024-2124 (Weglot for WordPress) : Stored XSS in Translate WordPress and go Multilingual – Weglot due to insufficient input sanitization and output escaping on widget/block attributes (e.g., className). Affected versions: up to and including 4.2.5. Exploitation requires authenticated access a...