CVE-2026-4683 Smartcat Translator for WPML <= 3.1.77 - Missing Authorization to Unauthenticated Plugin Settings Update

The Smartcat Translator for WPML plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'routeData' REST endpoint in all versions up to, and including, 3.1.77. This makes it possible for unauthenticated attackers to overwrite the plugin's...

PT-2026-41272

The Smartcat Translator for WPML plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'routeData' REST endpoint in all versions up to, and including, 3.1.77. This makes it possible for unauthenticated attackers to overwrite the plugin's...

WordPress Newsletter, SMTP, Email marketing and Subscribe forms by Brevo plugin <= 3.1.77 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Brevo versions = 3.1.77...

WordPress Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue Plugin <= 3.1.77 is vulnerable to Cross Site Scripting (XSS)

Software Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue Type Plugin Vulnerable versions = 3.1.77 Fixed in 3.1.78 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35668 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID...