Lucene search
+L

16 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:52 p.m.8 views

CVE-2020-10568

The sitepress-multilingual-cms WPML plugin before 4.3.7-b.2 for WordPress has CSRF due to a loose comparison. This leads to remote code execution in includes/class-wp-installer.php via a series of requests that leverage unintended comparisons of integers to strings...

8.8CVSS7.9AI score0.01705EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:26 a.m.6 views

CVE-2015-9416

The sitepress-multilingual-cms WPML plugin 2.9.3 to 3.2.6 for WordPress has XSS via the Accept-Language HTTP header...

6.1CVSS6AI score0.0102EPSS
Exploits1References1
wpexploit
wpexploit
added 2023/05/15 12:0 a.m.308 views

Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue < 3.1.61 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the admin dashboard when the WPML plugin is also active and configured, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin Make a logged in admin open a page...

6.1CVSS5.7AI score0.00486EPSS
Exploits2
CNVD
CNVD
added 2020/03/17 12:0 a.m.6 views

WordPress sitepress-multilingual-cms cross-site request forgery vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. sitepress-multilingual-cms WPML plugin is a website multilingual support plugin used in it. A cross-site request forgery vulnerability...

8.8CVSS6.7AI score0.01705EPSS
Exploits1References1
NVD
NVD
added 2020/03/14 2:15 p.m.31 views

CVE-2020-10568

The sitepress-multilingual-cms WPML plugin before 4.3.7-b.2 for WordPress has CSRF due to a loose comparison. This leads to remote code execution in includes/class-wp-installer.php via a series of requests that leverage unintended comparisons of integers to strings...

8.8CVSS9AI score0.01705EPSS
Exploits1References2
OSV
OSV
added 2020/03/14 2:15 p.m.5 views

CVE-2020-10568

The sitepress-multilingual-cms WPML plugin before 4.3.7-b.2 for WordPress has CSRF due to a loose comparison. This leads to remote code execution in includes/class-wp-installer.php via a series of requests that leverage unintended comparisons of integers to strings...

8.8CVSS7.8AI score0.01705EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/03/14 1:50 p.m.30 views

CVE-2020-10568

The sitepress-multilingual-cms WPML plugin before 4.3.7-b.2 for WordPress has CSRF due to a loose comparison. This leads to remote code execution in includes/class-wp-installer.php via a series of requests that leverage unintended comparisons of integers to strings...

9AI score0.01705EPSS
Exploits1References2
CNVD
CNVD
added 2019/09/29 12:0 a.m.5 views

WordPress sitepress-multilingual-cms (WPML) plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. sitepress-multilingual-cms WPML plugin is a website multilingual support plugin used in it. A cross-site scripting vulnerability exist...

6.1CVSS6.3AI score0.0102EPSS
Exploits1References1
0day.today
0day.today
added 2018/10/10 12:0 a.m.19 views

Sitepress Multilingual 3.6.3 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications FULL DISCLOSURE Product : Sitepress Multilingual CMS Plugin Exploit Author : Rahul Pratap Singh Version : 3.6.3 and Below Home page Link : https://wpml.org/ Website: https://0x62626262.wordpress.com Date : 08/10/2018 Unauthenticated Stored XSS...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/10/09 12:0 a.m.21 views

Sitepress Multilingual 3.6.3 Cross Site Scripting

FULL DISCLOSURE Product : Sitepress Multilingual CMS Plugin Exploit Author : Rahul Pratap Singh Version : 3.6.3 and Below Home page Link : https://wpml.org/ Website: https://0x62626262.wordpress.com Date : 08/10/2018 Unauthenticated Stored XSS Vulnerability: aaaaaaaaaaaaa- Description:...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2018/10/08 10:0 p.m.33 views

CVE-2018-18069

processforms in the WPML aka sitepress-multilingual-cms plugin through 3.6.3 for WordPress has XSS via any localefilename parameter such as localefilenameen in an authenticated theme-localization.php request to wp-admin/admin.php...

6AI score0.13207EPSS
Exploits2References1
CVE
CVE
added 2018/10/08 10:0 p.m.91 views

CVE-2018-18069

The CVE-2018-18069 entry concerns the WordPress plugin sitepress-multilingual-cms (WPML) up to version 3.6.3. A Cross-Site Scripting (XSS) flaw exists in the process_forms function via any locale_file_name_ parameter (e.g., locale_file_name_en) when making an authenticated request to wp-admin/adm...

6.1CVSS5.9AI score0.13207EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2015/03/30 2:0 p.m.28 views

CVE-2015-2791

The "menu sync" function in the WPML plugin before 3.1.9 for WordPress allows remote attackers to delete arbitrary posts, pages, and menus via a crafted request to sitepress-multilingual-cms/menu/menus-sync.php...

6.7AI score0.13294EPSS
Exploits1References5
CVE
CVE
added 2015/03/30 2:0 p.m.62 views

CVE-2015-2791

CVE-2015-2791 affects the WordPress WPML plugin prior to 3.1.9. The vulnerability is in the plugin’s menu sync function and allows remote attackers to delete arbitrary posts, pages, and menus via a crafted request to sitepress-multilingual-cms/menu/menus-sync.php. The evidence base also notes bro...

6.4CVSS6.9AI score0.13294EPSS
Exploits1References5Affected Software1
WPVulnDB
WPVulnDB
added 2015/03/12 12:0 a.m.34 views

WPML <= 3.1.7.2 - Multiple Vulnerabilities (Including SQLi)

The sitepress-multilingual-cms WordPress plugin was affected by a Multiple Vulnerabilities Including SQLi security vulnerability...

7.5CVSS2.5AI score0.13294EPSS
Exploits3References5Affected Software1
0day.today
0day.today
added 2012/12/30 12:0 a.m.322 views

Wordpress plugins sitepress-multilingual-cms Full Path Disclosure

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

7.1AI score
Exploits0
Rows per page
Query Builder