Technical
Advisory
Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.
Vulnerability
Reflected XSS in GTranslate plugin of wordpress
Vulnerability Description
The GTranslate plugin before 2.8.52 for WordPress has Reflected XSS via a crafted link. This requires use of the hreflang tags feature within a sub-domain or sub-directory paid option.
CVE-ID
Vendor
GTranslate
Vulnerable Plugin
GTranslate plugin of wordpress
Disclosure Timeline
- 10th February 2020 reported to the vendor
- 18th February 2020 Fixed by vendor
- 20th April 2020 CVE assigned
Credits
Gaurav Nayak.
Research Powered Cybersecurity Services and Training. Eliminate security threats through our innovative and extensive security assessments.
Subscribe to our newsletter
Research Powered Cybersecurity Services and Training. Eliminate security threats through our innovative and extensive security assessments.
Subscribe to our newsletter
Services