Vulnerabilities and security researches forlingotek-translation lingotek-translation

Jun 07, 2024

CVE, Research URL: 45862dcf5de38ecdacc64eb0bc59badcb317be6c
Home page URL: Security reports for Ray Enterprise Translation
Application: Ray Enterprise Translation
Date: Jun 20, 2016
Research Description: Ray Enterprise Translation [lingotek-translation] < 1.1.9 (closed) Lingotek Translation <= 1.1.8 - Cross-Site Scripting The Lingotek Translation plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘sm’ parameter in versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Affected versions: max 1.1.9.
Status: vulnerable

Apr 14, 2025

CVE, Research URL: CVE-2025-31030
Home page URL: Security reports for Ray Enterprise Translation
Application: Ray Enterprise Translation
Date: Apr 17, 2025
Research Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jbhovik Ray Enterprise Translation allows PHP Local File Inclusion. This issue affects Ray Enterprise Translation: from n/a through 1.7.0.
Affected versions: max 1.7.1.
Status: vulnerable

Sep 08, 2025

CVE, Research URL: CVE-2025-58785
Home page URL: Security reports for Ray Enterprise Translation
Application: Ray Enterprise Translation
Date: Sep 05, 2025
Research Description: Missing Authorization vulnerability in jbhovik Ray Enterprise Translation allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ray Enterprise Translation: from n/a through 1.7.1.
Affected versions: max 1.7.1.
Status: vulnerable

Jan 10, 2026

CVE, Research URL: CVE-2025-60076
Home page URL: Security reports for Ray Enterprise Translation
Application: Ray Enterprise Translation
Date: Dec 18, 2025
Research Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jbhovik Ray Enterprise Translation lingotek-translation allows PHP Local File Inclusion.This issue affects Ray Enterprise Translation: from n/a through <= 1.7.1.
Affected versions: max 1.7.1.
Status: vulnerable