9 matches found
CVE-2024-2124
CVE-2024-2124 (Weglot for WordPress) : Stored XSS in Translate WordPress and go Multilingual – Weglot due to insufficient input sanitization and output escaping on widget/block attributes (e.g., className). Affected versions: up to and including 4.2.5. Exploitation requires authenticated access a...
CVE-2023-4502
The Translate WordPress with GTranslate WordPress plugin before 3.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisi...
CVE-2023-4502
CVE-2023-4502 concerns the Translate WordPress with GTranslate plugin (before 3.0.4). Multiple connected sources confirm a Stored XSS vulnerability caused by insufficient sanitisation/escaping of plugin settings, which can permit high-privilege users (e.g., admins) to inject script payloads even ...
WordPress plugin Translate WordPress with GTranslate Cross Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
CVE-2022-0770
The Translate WordPress with GTranslate plugin for WordPress is affected by a CSRF vulnerability in versions before 2.9.9, due to missing CSRF checks in certain files. This flaw can cause the plugin to write debug data such as a user’s cookies to publicly accessible files when a specific paramete...
WordPress plugin Translate WordPress with GTranslate 跨站请求伪造漏洞
WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress Translate WordPress with GTranslate plugin version 2.9.9 is vulnerable to cross-site request forgery. The vulnerability...
Wordpress Plugin Translate WordPress with GTranslate 跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...
CVE-2021-24594
The Translate WordPress – Google Language Translator WordPress plugin before 6.0.12 does not sanitise and escape some of its settings before outputting it in various pages, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2021-24594
CVE-2021-24594 affects the Translate WordPress – Google Language Translator plugin for WordPress up to version 6.0.12. The root cause is insufficient sanitization/escaping of certain plugin settings before output, allowing stored Cross-Site Scripting by high-privilege users even when unfiltered_h...