Lucene search
K

34 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2021-11824

Malware in sbrugna...

5.4CVSS6.5AI score0.00304EPSS
Exploits3References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2022-34790

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.01369EPSS
Exploits4References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2021-11822

Malicious code in bioql PyPI...

6.1CVSS6.9AI score0.01266EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:5 a.m.11 views

CVE-2022-2461

The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.9.6. This is due to insufficient permissions checking on the 'tptranslation' AJAX action and default settings which makes it possib...

5.3CVSS6.7AI score0.03644EPSS
Exploits6References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:24 p.m.9 views

CVE-2021-24910

The Transposh WordPress Translation WordPress plugin before 1.0.8 does not sanitise and escape the a parameter via an AJAX action available to both unauthenticated and authenticated users when the curl library is installed before outputting it back in the response, leading to a Reflected Cross-Si...

6.1CVSS6.2AI score0.01266EPSS
Exploits4References1
ATTACKERKB
ATTACKERKB
added 2022/12/15 7:15 p.m.3 views

CVE-2022-2536

The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient validation of settings on the 'tptranslation' AJAX action which makes it possible for...

7.5CVSS6.9AI score0.03644EPSS
Exploits9References8
OSV
OSV
added 2022/12/15 7:15 p.m.4 views

CVE-2022-2536

The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient validation of settings on the 'tptranslation' AJAX action which makes it possible for...

7.5CVSS5.9AI score0.01369EPSS
Exploits4References7
Prion
Prion
added 2022/12/15 7:15 p.m.25 views

Input validation

The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient validation of settings on the 'tptranslation' AJAX action which makes it possible for...

5CVSS5.5AI score0.03644EPSS
Exploits9References7Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/09/06 6:15 p.m.4 views

CVE-2022-2462

The Transposh WordPress Translation plugin for WordPress is vulnerable to sensitive information disclosure to unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient permissions checking on the 'tphistory' AJAX action and insufficient restriction on the data...

5.3CVSS5.9AI score0.0305EPSS
Exploits4References7
OSV
OSV
added 2022/09/06 6:15 p.m.5 views

CVE-2022-2461

The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient permissions checking on the 'tptranslation' AJAX action and default settings which makes it possib...

5.3CVSS6.7AI score0.03644EPSS
Exploits6References6
NVD
NVD
added 2022/09/06 6:15 p.m.37 views

CVE-2022-2462

The Transposh WordPress Translation plugin for WordPress is vulnerable to sensitive information disclosure to unauthenticated users in versions up to, and including, 1.0.9.6. This is due to insufficient permissions checking on the 'tphistory' AJAX action and insufficient restriction on the data...

5.3CVSS0.0305EPSS
Exploits4References6
Prion
Prion
added 2022/09/06 6:15 p.m.26 views

Code injection

The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient permissions checking on the 'tptranslation' AJAX action and default settings which makes it possib...

5CVSS6AI score0.03644EPSS
Exploits6References6Affected Software1
Vulnrichment
Vulnrichment
added 2022/09/06 5:18 p.m.13 views

CVE-2022-2461 Transposh WordPress Translation <= 1.0.9.6 - Unauthorized Settings Change

The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.9.6. This is due to insufficient permissions checking on the 'tptranslation' AJAX action and default settings which makes it possib...

5.3CVSS6.7AI score0.03644EPSS
Exploits6References6
OSV
OSV
added 2022/09/06 5:18 p.m.5 views

CVE-2022-2462 Transposh WordPress Translation <= 1.0.9.6 - Sensitive Information Disclosure

The Transposh WordPress Translation plugin for WordPress is vulnerable to sensitive information disclosure to unauthenticated users in versions up to, and including, 1.0.9.6. This is due to insufficient permissions checking on the 'tphistory' AJAX action and insufficient restriction on the data...

5.3CVSS6.7AI score0.0305EPSS
Exploits4References8
ATTACKERKB
ATTACKERKB
added 2022/08/22 3:15 p.m.4 views

CVE-2022-25812

The Transposh WordPress Translation WordPress plugin before 1.0.8 does not validate its debug settings, which could allow allowing high privilege users such as admin to perform RCE...

7.2CVSS7.1AI score0.01441EPSS
Exploits4References2
OSV
OSV
added 2022/08/22 3:15 p.m.5 views

CVE-2022-25812

The Transposh WordPress Translation WordPress plugin before 1.0.8 does not validate its debug settings, which could allow allowing high privilege users such as admin to perform RCE...

7.2CVSS7.3AI score0.01441EPSS
Exploits4References1
OSV
OSV
added 2022/08/22 3:15 p.m.6 views

CVE-2022-25810

The Transposh WordPress Translation WordPress plugin through 1.0.8 exposes a couple of sensitive actions such has “tpreset” under the Utilities tab /wp-admin/admin.php?page=tputils, which can be used/executed as the lowest-privileged user. Basically all Utilities functionalities are vulnerable th...

6.5CVSS6.9AI score0.00891EPSS
Exploits5References1
ATTACKERKB
ATTACKERKB
added 2022/08/22 3:15 p.m.4 views

CVE-2022-25811

The Transposh WordPress Translation WordPress plugin through 1.0.8 does not sanitise and escape the order and orderby parameters before using them in a SQL statement, leading to a SQL injection...

7.2CVSS7.2AI score0.01202EPSS
Exploits5References2
OSV
OSV
added 2022/08/22 3:15 p.m.6 views

CVE-2021-24910

The Transposh WordPress Translation WordPress plugin before 1.0.8 does not sanitise and escape the a parameter via an AJAX action available to both unauthenticated and authenticated users when the curl library is installed before outputting it back in the response, leading to a Reflected Cross-Si...

6.1CVSS7.3AI score0.01266EPSS
Exploits4References1
OSV
OSV
added 2022/08/22 3:15 p.m.5 views

CVE-2021-24912

The Transposh WordPress Translation WordPress plugin before 1.0.8 does not have CSRF check in its tptranslation AJAX action, which could allow attackers to make authorised users add a translation. Given the lack of sanitisation in the tk0 parameter, this could lead to a Stored Cross-Site Scriptin...

5.4CVSS7.3AI score0.00304EPSS
Exploits3References1
Rows per page
Query Builder