CVE-2024-2124

The Translate WordPress and go Multilingual – Weglot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget/block in all versions up to, and including, 4.2.5 due to insufficient input sanitization and output escaping on user supplied attributes such as...

CVE-2025-10008

The Translate WordPress and go Multilingual – Weglot plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'cleanoptions' function in all versions up to, and including, 5.1. This makes it possible for unauthenticated attackers to delete limited...

CVE-2025-10008

CVE-2025-10008 affects Translate WordPress and go Multilingual – Weglot plugin for WordPress. Root cause: missing capability check in clean_options, allowing unauthenticated deletion of limited transients (cached plugin options) in all versions up to and including 5.1. Impact: unauthorized data l...

EUVD-2024-27088

Malicious code in bioql PyPI...

CVE-2024-2124

The Translate WordPress and go Multilingual – Weglot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget/block in all versions up to, and including, 4.2.5 due to insufficient input sanitization and output escaping on user supplied attributes such as...

CVE-2024-2124

CVE-2024-2124 (Weglot for WordPress) : Stored XSS in Translate WordPress and go Multilingual – Weglot due to insufficient input sanitization and output escaping on widget/block attributes (e.g., className). Affected versions: up to and including 4.2.5. Exploitation requires authenticated access a...

CVE-2024-2124

The Translate WordPress and go Multilingual – Weglot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget/block in all versions up to, and including, 4.2.5 due to insufficient input sanitization and output escaping on user supplied attributes such as...

CVE-2024-2124 Translate WordPress and go Multilingual – Weglot <= 4.2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block Attributes

The Translate WordPress and go Multilingual – Weglot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget/block in all versions up to, and including, 4.2.5 due to insufficient input sanitization and output escaping on user supplied attributes such as...

WordPress Plugin Weglot Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...