The plugin was vulnerable to Authenticated Stored Cross-Site Scripting (XSS) within the Project Key text field found in the plugin’s settings.
1. Click on Use on translation exchange connector 2. In Basic Settings,insert following payload in Project Key text field. "> 3. Click Save Changes
CPE | Name | Operator | Version |
---|---|---|---|
translation-exchange | eq | * |