VYPR

Language Switcher Dropdown

by Language Switcher Dropdown Project

CVEs (2)

  • CVE-2024-9610MedOct 11, 2024
    risk 0.33cvss 6.1epss 0.00

    The Language Switcher plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.7.13. This makes it possible for unauthenticated attackers to inject…

  • CVE-2014-9737Jul 6, 2015
    risk 0.00cvss epss 0.01

    Open redirect vulnerability in the Language Switcher Dropdown module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a block.