CVE-2025-8425

The My WP Translate plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the ajaximportstrings function in all versions up to, and including, 1.1. This makes it possible for authenticated attackers, with...

CVE-2025-8425 My WP Translate <= 1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update

The My WP Translate plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the ajaximportstrings function in all versions up to, and including, 1.1. This makes it possible for authenticated attackers, with...

PT-2025-37130

Name of the Vulnerable Software and Affected Versions: My WP Translate plugin for WordPress versions up to and including 1.1 Description: The My WP Translate plugin for WordPress is susceptible to unauthorized data modification, potentially leading to privilege escalation. A missing capability...

Authorization

The Theme and plugin translation for Polylang is vulnerable to authorization bypass in versions up to, and including, 3.2.16 due to missing capability checks in the processpolylangthemetranslationwploaded function. This makes it possible for unauthenticated attackers to update plugin and theme...