2 matches found
CVE-2026-49776
Unauthenticated SQL Injection in GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites = 2.32.6 versions...
CVE-2026-9109
CVE-2026-9109 : Stored Cross-Site Scripting in GPTranslate – Multilingual AI Translation for WordPress (versions ≤ 2.31) due to insufficient input sanitization and output escaping in REST API Translation Storage. Unauthenticated users can inject scripts; the API key (SHA-256 of site URL) is print...