Lucene search
K

4 matches found

OSV
OSV
added 2022/12/15 7:15 p.m.4 views

CVE-2022-2536

The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient validation of settings on the 'tptranslation' AJAX action which makes it possible for...

7.5CVSS5.9AI score0.01369EPSS
Exploits4References7
Vulnrichment
Vulnrichment
added 2022/12/15 4:1 a.m.17 views

CVE-2022-2536 Transposh WordPress Translation <= 1.0.9.6 - Authorization Bypass

The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.9.6. This is due to insufficient validation of settings on the 'tptranslation' AJAX action which makes it possible for...

5.3CVSS6.7AI score0.01369EPSS
Exploits4References7
OSV
OSV
added 2022/09/06 6:15 p.m.5 views

CVE-2022-2461

The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient permissions checking on the 'tptranslation' AJAX action and default settings which makes it possib...

5.3CVSS6.7AI score0.03644EPSS
Exploits6References6
OSV
OSV
added 2022/08/22 3:15 p.m.5 views

CVE-2021-24912

The Transposh WordPress Translation WordPress plugin before 1.0.8 does not have CSRF check in its tptranslation AJAX action, which could allow attackers to make authorised users add a translation. Given the lack of sanitisation in the tk0 parameter, this could lead to a Stored Cross-Site Scriptin...

5.4CVSS7.3AI score0.00304EPSS
Exploits3References1
Rows per page
Query Builder