WordPress Plugin Vulnerabilities

Transposh WordPress Translation < 1.0.8 - CSRF to Stored XSS

Description

The plugin does not have CSRF check in its tp_translation AJAX action, which could allow attackers to make authorised users add a translation. Given the lack of sanitisation in the tk0 parameter, this could lead to a Stored Cross-Site Scripting issue which will be executed in the context of a logged in admin

Proof of Concept

Affects Plugins

Plugin icon
transposh-translation-filter-for-wordpress
Fixed in 1.0.8

References

CVE
CVE-2021-24912

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352
CVSS
8.8 (high)

Miscellaneous

Original Researcher
Julien Ahrens
Verified
Yes
WPVDB ID
349483e2-3ab5-4573-bc03-b1ebab40584d

Timeline

Publicly Published
2022-02-22 (about 3 years ago)
Added
2022-07-28 (about 3 years ago)
Last Updated
2023-04-28 (about 2 years ago)

Other

Published
Title
Published
2023-11-14
Title
Welcart e-Commerce < 2.9.5 - Cross-Site Request Forgery
Published
2024-11-01
Title
Platform.ly Official < 1.14 - Cross-Site Request Forgery to Stored Cross-Site Scripting
Published
2014-08-01
Title
WP-SendSMS - Setting Manipulation Cross-Site Request Forgery (CSRF)
Published
2025-03-11
Title
W3Counter Free Real-Time Web Stats <= 4.1 - Cross-Site Request Forgery
Published
2022-05-23
Title
Private Files <= 0.40 - Protection Disabling via CSRF