cleantalk
Vulnerabilities and Security Researches

Autoglot – Automatic WordPress Translation, CVE-2025-24548

CVE, Research URL

CVE-2025-24548

Home page URL

Security reports for Autoglot – Automatic WordPress Translation

Application

Autoglot – Automatic WordPress Translation

Published on
Apr 17, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Autoglot Autoglot – Automatic WordPress Translation allows Reflected XSS. This issue affects Autoglot – Automatic WordPress Translation: from n/a through 2.4.7.
Affected versions
Min -, max 2.4.8.
Status
vulnerable
Previous vulnerability researches
Giveaway Boost (CVE-2024-49332) , Oct 20, 2024
Giveaways and Contests by PromoSimple (CVE-2025-23934) , Jan 18, 2025
WPExperts Square For GiveWP (CVE-2024-13713) , Feb 22, 2025
WPExperts Square For GiveWP (CVE-2024-47338) , Sep 30, 2024
Scratch & Win – Giveaways and Contests. Boost subscribers, traffic, repeat visits, referrals, sales and more (CVE-2024-11898) , Dec 06, 2024
New vulnerability
Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light (CVE-2025-39378) , Apr 25, 2025
PowerPress Podcasting plugin by Blubrry (CVE-2024-9230) , Apr 25, 2025
Capturly (CVE-2025-39379) , Apr 25, 2025
Frontend Login and Registration Blocks (CVE-2025-3607) , Apr 25, 2025
Ultimate Dashboard – Custom WordPress Dashboard (CVE-2025-1523) , Apr 25, 2025