Lucene search
WpvulndbWPVDB-ID:BBCECE1E-45C1-4B40-8B14-AEDEE6AA23CDHistoryNov 28, 2022 - 12:00 a.m.
Theme and plugin translation for Polylang < 3.2.17 - Unauthenticated Translation Settings Update
2022-11-2800:00:00
wpscan.com
8
polylang
translation
unauthenticated
0.001 Low
EPSS
Percentile
37.0%
The theme does not have authorisation in the process_polylang_theme_translation_wp_loaded() function, which could allow unauthenticated attack to update translation settings, as well as import arbitrary translations
| CPE | Name | Operator | Version |
|---|---|---|---|
| theme-translation-for-polylang | lt | 3.2.17 |
Related
cve
cve
CVE-2022-4169
2022-11-28 18:15:12
prion
prion
Authorization
2022-11-28 18:15:00
nvd
nvd
CVE-2022-4169
2022-11-28 18:15:12
cvelist
cvelist
CVE-2022-4169
2022-11-28 17:33:31