Poeditor Security Vulnerabilities and Issues — Poeditor CVE List

Lucene search

PoeditorPoeditor

3 matches found

CVE•added 2023/08/30 3:15 p.m.•2489 views

CVE-2023-4209

The POEditor WordPress plugin before 0.9.8 does not have CSRF checks in various places, which could allow attackers to make logged in admins perform unwanted actions, such as reset the plugin's settings and update its API key via CSRF attacks.

4.3CVSS4.9AI score0.00086EPSS

Web

CVE•added 2024/04/15 7:15 a.m.•44 views

CVE-2024-32453

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POEditor allows Stored XSS.This issue affects POEditor: from n/a through 0.9.8.

5.9CVSS6.6AI score0.00135EPSS

CVE•added 2023/10/03 2:15 p.m.•42 views

CVE-2023-32091

Cross-Site Request Forgery (CSRF) vulnerability in POEditor plugin

8.8CVSS7AI score0.00051EPSS