cleantalk
Vulnerabilities and Security Researches

Ray Enterprise Translation, 45862dcf5de38ecdacc64eb0bc59badcb317be6c

CVE, Research URL

45862dcf5de38ecdacc64eb0bc59badcb317be6c

Home page URL

Security reports for Ray Enterprise Translation

Application

Ray Enterprise Translation

Published on
Jun 20, 2016
Research Description
Ray Enterprise Translation [lingotek-translation] < 1.1.9 (closed) Lingotek Translation <= 1.1.8 - Cross-Site Scripting The Lingotek Translation plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘sm’ parameter in versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Affected versions
Min -, max 1.1.9.
Status
vulnerable
Previous vulnerability researches
Ray Enterprise Translation (45862dcf5de38ecdacc64eb0bc59badcb317be6c) , Jun 07, 2024
Ray Enterprise Translation (CVE-2025-31030) , Apr 14, 2025
New vulnerability
Flamingo , Apr 16, 2025
Advance WP Query Search Filter (CVE-2025-26743) , Apr 15, 2025
SKT Skill Bar (CVE-2025-26880) , Apr 15, 2025
WP Featured Screenshot (CVE-2025-32557) , Apr 15, 2025
Additional Custom Product Tabs for WooCommerce (CVE-2025-26749) , Apr 15, 2025