Translate WordPress – Google Language Translator, CVE-2021-24594
- CVE, Research URL
- Published on
- Nov 08, 2021
- Research Description
- The Translate WordPress – Google Language Translator WordPress plugin before 6.0.12 does not sanitise and escape some of its settings before outputting it in various pages, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
- Affected versions
-
max 6.0.12.
- Status
-
vulnerable