Vulnerabilities and security researches forlingotek-translation lingotek-translation

Jun 07, 2024

CVE, Research URL: 45862dcf5de38ecdacc64eb0bc59badcb317be6c
Home page URL: Security reports for Ray Enterprise Translation
Application: Ray Enterprise Translation
Date: Jun 20, 2016
Research Description: Ray Enterprise Translation [lingotek-translation] < 1.1.9 (closed) Lingotek Translation <= 1.1.8 - Cross-Site Scripting The Lingotek Translation plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘sm’ parameter in versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Affected versions: Min -, max -.
Status: vulnerable

Apr 14, 2025

CVE, Research URL: CVE-2025-31030
Home page URL: Security reports for Ray Enterprise Translation
Application: Ray Enterprise Translation
Date: -
Research Description: Ray Enterprise Translation [lingotek-translation] <= 1.7.0 (unfixed) CVE-2025-31030
Affected versions: Min -, max -.
Status: vulnerable