VYPR

Poeditor

by Poeditor

CVEs (3)

  • CVE-2024-32453MedApr 15, 2024
    risk 0.38cvss 5.9epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POEditor allows Stored XSS.This issue affects POEditor: from n/a through 0.9.8.

  • CVE-2023-32091MedOct 3, 2023
    risk 0.35cvss 5.4epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in POEditor plugin <= 0.9.4 versions.

  • CVE-2025-4280MedMay 22, 2025
    risk 0.31cvss epss 0.00

    MacOS version of Poedit bundles a Python interpreter that inherits the Transparency, Consent, and Control (TCC) permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts,…