CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpml:wpml"; if description...

9.9CVSS9.6AI score0.73911EPSS

Exploits3References1

WPVulnDB•added 2023/04/16 12:0 a.m.•118 views

WPML Multilingual CMS < 4.6.1 - Reflected Cross-Site Scripting

The plugin does not escape some URL attributes before outputting them to a page, leading to a Reflected Cross-Site Scripting vulnerability. PoC After setting up the plugin, visit the following URL: /wp-login.php?wplang=%20=id=x+type=image%20id=xss%20onfoc%3C!%3Eusin+alert0%0c...

6.1AI score

Exploits0References2Affected Software1

CNVD•added 2022/11/23 12:0 a.m.•70 views

WordPress WPML Multilingual CMS premium plugin access control error vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress WPML Multilingual CMS premium plugin 4.5.10 and earlier versions are vulnerable to an acces...

1.7AI score0.00201EPSS

Exploits0Affected Software1

CNVD•added 2022/11/21 12:0 a.m.•9 views

WordPress Plugin WPML Multilingual CMS premium Access Control Error Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An access control error...

5.4CVSS6.7AI score0.00201EPSS

Exploits0References1

Vulnrichment•added 2022/11/18 6:13 p.m.•5 views

CVE-2022-38974 WordPress WPML Multilingual CMS premium plugin <= 4.5.10 - Broken Access Control vulnerability

Broken Access Control vulnerability in WPML Multilingual CMS premium plugin = 4.5.10 on WordPress allows users with subscriber or higher user roles to change the status of the translation jobs...

4.3CVSS4.5AI score0.00201EPSS

Exploits0References1

NVD•added 2022/11/17 10:15 p.m.•20 views

CVE-2022-45071

Cross-Site Request Forgery CSRF vulnerability in WPML Multilingual CMS premium plugin = 4.5.13 on WordPress...

8.8CVSS0.00156EPSS

Exploits0References1

NVD•added 2022/11/17 10:15 p.m.•9 views

CVE-2022-45072

Cross-Site Request Forgery CSRF vulnerability in WPML Multilingual CMS premium plugin = 4.5.13 on WordPress...

4.3CVSS0.00124EPSS

Exploits0References1

NVD•added 2022/11/17 10:15 p.m.•8 views

CVE-2022-38461

Broken Access Control vulnerability in WPML Multilingual CMS premium plugin = 4.5.10 on WordPress allows users with a subscriber or higher user role to change plugin settings selected language for legacy widgets, the default behavior for media content...

5.4CVSS0.00201EPSS

Exploits0References1

Prion•added 2022/11/17 10:15 p.m.•17 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in WPML Multilingual CMS premium plugin = 4.5.13 on WordPress...

6.8CVSS8.8AI score0.00156EPSS

Exploits0References1Affected Software1

Prion•added 2022/11/17 10:15 p.m.•20 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in WPML Multilingual CMS premium plugin = 4.5.13 on WordPress...

4.3CVSS4.8AI score0.00124EPSS

Exploits0References1Affected Software1

Prion•added 2022/11/17 10:15 p.m.•17 views

Improper access control

4CVSS4.6AI score0.00201EPSS

Exploits0References1Affected Software1

CVE•added 2022/11/17 9:59 p.m.•175 views

CVE-2022-38461

The CVE-2022-38461 entry affects the WPML Multilingual CMS premium plugin for WordPress (versions

5.4CVSS4.6AI score0.00201EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/11/17 9:59 p.m.•16 views

CVE-2022-38461 WordPress WPML Multilingual CMS premium plugin <= 4.5.10 - Broken Access Control vulnerability

5.4CVSS5.7AI score0.00201EPSS

Exploits0References1

Cvelist•added 2022/11/17 9:58 p.m.•20 views

CVE-2022-45071 WordPress WPML Multilingual CMS premium plugin <= 4.5.13 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in WPML Multilingual CMS premium plugin = 4.5.13 on WordPress...

5.4CVSS9AI score0.00156EPSS

Exploits0References1

CVE•added 2022/11/17 9:58 p.m.•78 views

CVE-2022-45071

The CVE-2022-45071 entry describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress WPML Multilingual CMS premium plugin up to version 4.5.13. The root cause identified across multiple sources is missing CSRF protections in certain areas (e.g., actions like translation-job statu...

8.8CVSS7.1AI score0.00156EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2022/11/17 9:58 p.m.•5 views

CVE-2022-45071 WordPress WPML Multilingual CMS premium plugin <= 4.5.13 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in WPML Multilingual CMS premium plugin = 4.5.13 on WordPress...

5.4CVSS6.5AI score0.00156EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by