Loco Translate Project Loco Translate — known CVE vulnerabilities
Every CVE whose affected-product data names Loco Translate Project Loco Translate, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2021-24721 — CVSS 6.5 (medium): The Loco Translate WordPress plugin before 2.5.4 mishandles data inputs which get saved to a file, which can be renamed to an extension…
CVE-2022-0765 — CVSS 5.4 (medium): The Loco Translate WordPress plugin before 2.6.1 does not properly remove inline events from elements in the source translation strings…