VYPR

Prisna Gwt

by WordPress

CVEs (3)

  • CVE-2024-8514CriSep 25, 2024
    risk 0.52cvss 9.1epss 0.01

    The Prisna GWT – Google Website Translator plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.11 via deserialization of untrusted input from the 'prisna_import' parameter. This makes it possible for authenticated attackers,…

  • CVE-2024-12680MedMay 15, 2025
    risk 0.31cvss 4.8epss 0.00

    The Prisna GWT WordPress plugin before 1.4.14 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite…

  • CVE-2024-12679MedMay 15, 2025
    risk 0.31cvss 4.8epss 0.00

    The Prisna GWT WordPress plugin before 1.4.14 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite…