Oferwald Transposh Wordpress Translation vulnerabilities
2 known vulnerabilities affecting oferwald/transposh_wordpress_translation.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
1
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2022-2461P2MEDIUMCVSS 5.3ExploitedPoC≤ 1.0.9.62022-09-06
CVE-2022-2461 [MEDIUM] CWE-862 CVE-2022-2461: The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting chang
The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.9.6. This is due to insufficient permissions checking on the 'tp_translation' AJAX action and default settings which makes it possible for unauthenticated attackers to influence the data
nvd
CVE-2022-2462P3MEDIUMCVSS 5.3PoC≤ 1.0.9.62022-09-06
CVE-2022-2462 [MEDIUM] CWE-200 CVE-2022-2462: The Transposh WordPress Translation plugin for WordPress is vulnerable to sensitive information disc
The Transposh WordPress Translation plugin for WordPress is vulnerable to sensitive information disclosure to unauthenticated users in versions up to, and including, 1.0.9.6. This is due to insufficient permissions checking on the 'tp_history' AJAX action and insufficient restriction on the data returned in the response. This makes it possible for una
nvd