Oferwald Transposh Wordpress Translation vulnerabilities

CVE-2022-2536 [MEDIUM] CWE-285 Transposh WordPress Translation <= 1.0.9.6 - Authorization Bypass Transposh WordPress Translation <= 1.0.9.6 - Authorization Bypass The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.9.6. This is due to insufficient validation of settings on the 'tp_translation' AJAX action which makes it possible for unauthenticated attackers to bypass any restrictio

CVE-2022-2462 [MEDIUM] CWE-200 CVE-2022-2462: The Transposh WordPress Translation plugin for WordPress is vulnerable to sensitive information disc The Transposh WordPress Translation plugin for WordPress is vulnerable to sensitive information disclosure to unauthenticated users in versions up to, and including, 1.0.9.6. This is due to insufficient permissions checking on the 'tp_history' AJAX action and insufficient restriction on the data returned in the response. This makes it possible for una

CVE-2022-2461 [MEDIUM] CWE-862 CVE-2022-2461: The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting chang The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.9.6. This is due to insufficient permissions checking on the 'tp_translation' AJAX action and default settings which makes it possible for unauthenticated attackers to influence the data