cleantalk
Vulnerabilities and Security Researches

Falang multilanguage for WordPress, 853fc9a7-4edf-4fe1-8e0c-d50c78b48faa

CVE, Research URL

853fc9a7-4edf-4fe1-8e0c-d50c78b48faa

Home page URL

Security reports for Falang multilanguage for WordPress

Application

Falang multilanguage for WordPress

Published on
-
Research Description
Falang multilanguage for WordPress [falang] < 1.3.18 Falang multilanguage for WordPress &lt; 1.3.18 - Reflected Cross-Site Scripting The plugin does not escape the page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site scripting issue
Affected versions
max 1.3.18.
Status
vulnerable
Previous vulnerability researches
Falang multilanguage for WordPress (CVE-2024-4417) , Jun 07, 2024
Falang multilanguage for WordPress (a9b4ba34b4a82b7813dfffcdb15dba44c54af5cc) , Jun 07, 2024
Falang multilanguage for WordPress (CVE-2023-37968) , Jun 07, 2024
Falang multilanguage for WordPress (CVE-2024-30495) , Jun 07, 2024
Falang multilanguage for WordPress (CVE-2025-48285) , Jun 15, 2025
New vulnerability
Form Maker by 10Web &#8211; Mobile-Friendly Drag &amp; Drop Contact Form Builder (CVE-2026-11777) , Jun 19, 2026
Form Maker by 10Web &#8211; Mobile-Friendly Drag &amp; Drop Contact Form Builder (CVE-2026-11776) , Jun 19, 2026
LearnPress &#8211; WordPress LMS Plugin (CVE-2026-8383) , Jun 19, 2026
WP Travel Gutenberg Blocks (CVE-2026-54808) , Jun 19, 2026
BetterDocs – Best Documentation, FAQ &amp; Knowledge Base Plugin with AI Support (CVE-2026-12157) , Jun 19, 2026