CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32695 – WordPress Language Switcher for Transposh plugin <= 1.5.9 - Reflected Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-32695
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marco Gasi Language Switcher for Transposh allows Reflected XSS.This issue affects Language Switcher for Transposh: from n/a through 1.5.9. La vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web ('cross-site Scripting') en Marco Gasi Language Switcher para Transposh permite Reflected XSS. Este problema afecta a Language Switcher for Transposh: desde n/a hasta 1.5.9. The Language Switcher for Transposh plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.5.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://patchstack.com/database/vulnerability/language-switcher-for-transposh/wordpress-language-switcher-for-transposh-plugin-1-5-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 4CVE-2022-2536 – Transposh WordPress Translation <= 1.0.8.1 - Authorization Bypass
https://notcve.org/view.php?id=CVE-2022-2536
The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient validation of settings on the 'tp_translation' AJAX action which makes it possible for unauthenticated attackers to bypass any restrictions and influence the data shown on the site. Please note this is a separate issue from CVE-2022-2461. Notes from the researcher: When installed Transposh comes with a set of pre-configured options, one of these is the "Who can translate" setting under the "Settings" tab. However, this option is largely ignored, if Transposh has enabled its "autotranslate" feature (it's enabled by default) and the HTTP POST parameter "sr0" is larger than 0. • https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2022-2536.txt https://packetstormsecurity.com/files/168120/wptransposh1081-authz.txt https://plugins.trac.wordpress.org/browser/transposh-translation-filter-for-wordpress/trunk/transposh.php?rev=2682425#L1989 https://www.exploitalert.com/view-details.html?id=38949 https://www.rcesecurity.com/2022/07/WordPress-Transposh-Exploiting-a-Blind-SQL-Injection-via-XSS https://www.wordfence.com/threat-intel/vulnerabilities/id/c774b520-9d9f-4102-8564-49673d5ae1e6 http • CWE-285: Improper Authorization •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-25812 – Transposh WordPress Translation < 1.0.8 - Admin+ RCE
https://notcve.org/view.php?id=CVE-2022-25812
The Transposh WordPress Translation WordPress plugin before 1.0.8 does not validate its debug settings, which could allow allowing high privilege users such as admin to perform RCE El plugin Transposh WordPress Translation de WordPress versiones anteriores a 1.0.8, no comprueba su configuración de depuración, lo que podría permitir a usuarios con altos privilegios, como el administrador, llevar a cabo un RCE. The Transposh WordPress Translation plugin for WordPress is vulnerable to remote code execution in versions up to, and including, 1.0.8.1. This is due to insufficient extension validation on the log file that can be created via the plugin. This makes it possible for authenticated attackers with administrative level permissions and above to set the log file extension to .php and then update a setting to log PHP executable code to that file which can be used to achieve remote code execution. Transposh WordPress Translation versions 1.0.8.1 and below have a "save_transposh" action available at "/wp-admin/admin.php? • https://wpscan.com/vulnerability/1f6bd346-4743-44b8-86d7-4fbe09bad657 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-25810 – Transposh WordPress Translation <= 1.0.8 - Subscriber+ Unauthorised Calls
https://notcve.org/view.php?id=CVE-2022-25810
The Transposh WordPress Translation WordPress plugin through 1.0.8 exposes a couple of sensitive actions such has “tp_reset” under the Utilities tab (/wp-admin/admin.php?page=tp_utils), which can be used/executed as the lowest-privileged user. Basically all Utilities functionalities are vulnerable this way, which involves resetting configurations and backup/restore operations. El plugin Transposh WordPress Translation de WordPress versiones hasta 1.0.8, expone un par de acciones confidenciales como "tp_reset" bajo la pestaña Utilities (/wp-admin/admin.php?page=tp_utils), que pueden ser usadas/ejecutadas como el usuario menos privilegiado. • https://wpscan.com/vulnerability/9a934a84-f0c7-42ed-b980-bb168b2c5892 • CWE-862: Missing Authorization •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24911 – Transposh WordPress Translation < 1.0.8 - Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2021-24911
The Transposh WordPress Translation WordPress plugin before 1.0.8 does not sanitise and escape the tk0 parameter from the tp_translation AJAX action, leading to Stored Cross-Site Scripting, which will trigger in the admin dashboard of the plugin. The minimum role needed to perform such attack depends on the plugin "Who can translate ?" setting. El plugin Transposh WordPress Translation de WordPress versiones anteriores a 1.0.8, no sanea ni escapa del parámetro tk0 de la acción AJAX tp_translation, lo que conlleva a un problema de tipo Cross-Site Scripting Almacenado, que se ejecutará en el panel de administración del plugin. El rol mínimo necesario para llevar a cabo este ataque depende de la configuración del plugin "¿Quién puede traducir? • https://wpscan.com/vulnerability/bd88be21-0cfc-46bd-b78a-23efc4868a55 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •