Transposh Transposh Wordpress Translation — known CVE vulnerabilities
Every CVE whose affected-product data names Transposh Transposh Wordpress Translation, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2022-25812 — CVSS 7.2 (high): The Transposh WordPress Translation WordPress plugin before 1.0.8 does not validate its debug settings, which could allow allowing high…
CVE-2022-25811 — CVSS 7.2 (high): The Transposh WordPress Translation WordPress plugin through 1.0.8 does not sanitise and escape the order and orderby parameters before…
CVE-2022-25810 — CVSS 6.5 (medium): The Transposh WordPress Translation WordPress plugin through 1.0.8 exposes a couple of sensitive actions such has “tp_reset” under the…
CVE-2021-24910 — CVSS 6.1 (medium): The Transposh WordPress Translation WordPress plugin before 1.0.8 does not sanitise and escape the a parameter via an AJAX action…
CVE-2021-24912 — CVSS 5.4 (medium): The Transposh WordPress Translation WordPress plugin before 1.0.8 does not have CSRF check in its tp_translation AJAX action, which could…
CVE-2021-24911 — CVSS 5.4 (medium): The Transposh WordPress Translation WordPress plugin before 1.0.8 does not sanitise and escape the tk0 parameter from the tp_translation…
CVE-2022-2462 — CVSS 5.3 (medium): The Transposh WordPress Translation plugin for WordPress is vulnerable to sensitive information disclosure to unauthenticated users in…
CVE-2022-2536 — CVSS 5.3 (medium): The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions…
CVE-2022-2461 — CVSS 5.3 (medium): The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions…