Back
WordPress Google Language Translator Plugin <= 4.0.9 - Cross Site Scripting
- Product
- Google Language Translator
- Description
- Because of this vulnerability, the attackers can inject arbitrary web script or HTML.
Vulnerable parameter is "googlelanguagetranslator_flags_order".
- Solution
- Upgrade this plugin.
- Classification
-
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
- References
-
Cinu
- CVE
- Name CVE-N/A
- Versions
-
Affected In
<= 4.0.9
Fixed In 5.0.0
- Disclosure date
- 2015-08-13
- Submitter
- ThreatPress