Lucene search
TransposhTransposh Wordpress Translation1.0.8
2 matches found
CVE-2022-25811
The Transposh WordPress Translation WordPress plugin through 1.0.8 does not sanitise and escape the order and orderby parameters before using them in a SQL statement, leading to a SQL injection
7.2CVSS7.2AI score0.0128EPSS
Web
CVE-2022-25810
The Transposh WordPress Translation WordPress plugin through 1.0.8 exposes a couple of sensitive actions such has “tp_reset” under the Utilities tab (/wp-admin/admin.php?page=tp_utils), which can be used/executed as the lowest-privileged user. Basically all Utilities functionalities are vulnerable ...
6.5CVSS6.4AI score0.0019EPSS
Web