VYPR

WPML Multilingual CMS

by WordPress

CVEs (4)

  • CVE-2022-45071MedNov 17, 2022
    risk 0.35cvss 5.4epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in WPML Multilingual CMS premium plugin <= 4.5.13 on WordPress.

  • CVE-2022-38461MedNov 17, 2022
    risk 0.35cvss 5.4epss 0.01

    Broken Access Control vulnerability in WPML Multilingual CMS premium plugin <= 4.5.10 on WordPress allows users with a subscriber or higher user role to change plugin settings (selected language for legacy widgets, the default behavior for media content).

  • CVE-2022-38974MedNov 18, 2022
    risk 0.28cvss 4.3epss 0.01

    Broken Access Control vulnerability in WPML Multilingual CMS premium plugin <= 4.5.10 on WordPress allows users with subscriber or higher user roles to change the status of the translation jobs.

  • CVE-2022-45072MedNov 17, 2022
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in WPML Multilingual CMS premium plugin <= 4.5.13 on WordPress.