CVE-2022-25810
N/A
N/A
Summary
The Transposh WordPress Translation WordPress plugin through 1.0.8 exposes a couple of sensitive actions such has “tp_reset” under the Utilities tab (/wp-admin/admin.php?page=tp_utils), which can be used/executed as the lowest-privileged user. Basically all Utilities functionalities are vulnerable this way, which involves resetting configurations and backup/restore operations.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Unknown | Transposh WordPress Translation | 1.0.8 <= 1.0.8 | affected |
Weaknesses
- CWE-862: CWE-862 Missing Authorization
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.