CVE-2026-27745

The SPIP interfacetraductionobjets plugin versions prior to 2.2.2 contain an authenticated remote code execution vulnerability in the translation interface workflow. The plugin incorporates untrusted request data into a hidden form field that is rendered without SPIP output filtering. Because...

CVE-2025-60076 WordPress Ray Enterprise Translation plugin <= 1.7.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Jiro Sasamoto Ray Enterprise Translation lingotek-translation allows PHP Local File Inclusion.This issue affects Ray Enterprise Translation: from n/a through = 1.7.1...

EUVD-2023-50822

Malicious code in bioql PyPI...

WordPress Force Update Translations plugin <= 0.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Force Update Translations versions = 0.5...

CVE-2023-46620

Cross-Site Request Forgery CSRF vulnerability in Fluenx DeepL API translation plugin = 2.3.9.1 versions...

CVE-2023-27446

Cross-Site Request Forgery CSRF vulnerability in Fluenx DeepL API translation plugin = 2.1.4 versions...

CVE-2024-50493 WordPress Automatic Translation plugin <= 1.0.4 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in masterhomepage Automatic Translation automatic-translation allows Upload a Web Shell to a Web Server.This issue affects Automatic Translation: from n/a through = 1.0.4...

WordPress plugin Automatic Translation 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...

CVE-2023-27446

Cross-Site Request Forgery CSRF vulnerability in Fluenx DeepL API translation plugin = 2.1.4 versions...

CVE-2023-27446

Cross-Site Request Forgery CSRF vulnerability in Fluenx DeepL API translation plugin = 2.1.4 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Fluenx DeepL API translation plugin = 2.1.4 versions...

CVE-2023-27446

CVE-2023-27446 affects the WordPress DeepL Pro API translation plugin (versions

CVE-2023-46620

Cross-Site Request Forgery CSRF vulnerability in Fluenx DeepL API translation plugin = 2.3.9.1 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Fluenx DeepL API translation plugin = 2.3.9.1 versions...

WordPress Plugin DeepL API translation plugin security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

CVE-2022-2536

The Transposh WordPress Translation plugin for WordPress is affected by an unauthorized settings-change vulnerability (CVE-2022-2536) via the tp_translation AJAX action. Root cause: insufficient permission/validation checks on that endpoint, allowing unauthenticated users to influence site data. ...

CVE-2022-2536 Transposh WordPress Translation <= 1.0.9.6 - Authorization Bypass

The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.9.6. This is due to insufficient validation of settings on the 'tptranslation' AJAX action which makes it possible for...

CVE-2022-3691

The DeepL Pro API translation plugin WordPress plugin before 1.7.5 discloses sensitive information including the DeepL API key in files that are publicly accessible to an external, unauthenticated visitor...

CVE-2022-3691

CVE-2022-3691 affects the WordPress DeepL Pro API Translation plugin, versions prior to 1.7.5. The root cause is insufficient protection of sensitive data, resulting in API keys and other information being disclosed in publicly accessible files or logs. The impact is exposure of the DeepL API key...

CVE-2022-2461

The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient permissions checking on the 'tptranslation' AJAX action and default settings which makes it possib...