Vulnerabilities and security researches forsrbtranslatin srbtranslatin

Jun 07, 2024

CVE, Research URL: CVE-2018-5369
Home page URL: Security reports for SrbTransLatin – Serbian Latinisation
Application: SrbTransLatin – Serbian Latinisation
Date: Jan 12, 2018
Research Description: The SrbTransLatin plugin 1.46 for WordPress has XSS via an srbtranslatoptions action to wp-admin/options-general.php with a lang_identificator parameter.
Affected versions: max 1.4.7.
Status: vulnerable

CVE, Research URL: CVE-2018-5368
Home page URL: Security reports for SrbTransLatin – Serbian Latinisation
Application: SrbTransLatin – Serbian Latinisation
Date: Jan 12, 2018
Research Description: The SrbTransLatin plugin 1.46 for WordPress has CSRF via an srbtranslatoptions action to wp-admin/options-general.php.
Affected versions: max 1.47.
Status: vulnerable

Apr 05, 2025

CVE, Research URL: CVE-2025-31421
Home page URL: Security reports for SrbTransLatin – Serbian Latinisation
Application: SrbTransLatin – Serbian Latinisation
Date: Apr 04, 2025
Research Description: Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Oblak Studio Srbtranslatin srbtranslatin allows Retrieve Embedded Sensitive Data.This issue affects Srbtranslatin: from n/a through <= 3.2.0.
Affected versions: max 3.2.0.
Status: vulnerable

Jun 16, 2026

CVE, Research URL: a848dceb0ab4270e438a59d3678ca4b9f06a90ea
Home page URL: Security reports for SrbTransLatin – Serbian Latinisation
Application: SrbTransLatin – Serbian Latinisation
Date: Jan 12, 2018
Research Description: SrbTransLatin – Serbian Latinisation [srbtranslatin] < 1.4.7 (closed) WordPress Srbtranslatin <= 1.4.6 - Stored Cross-site scripting (XSS) & Cross-site request forgery (CSRF) vulnerabilities Stored Cross-site scripting (XSS) and Cross-site request forgery (CSRF) vulnerabilities were found in WordPress Srbtranslatin in 1.4.6 version.
Affected versions: max 1.4.7.
Status: vulnerable