Services

IoT Security Testing Red Team Assessment Product Security AI/ML Security Audit Web Security Testing

Mobile Security Testing DevSecOps Consulting Code Review Cloud Security Critical Infrastructure

Products

EXPLIoT

EXPLIoT is framework for IoT security testing
and exploitation.

CloudFuzz

CloudFuzz is platform that lets you code for bugs
by running your software with millions of test cases.

Who we are

About Us Payatu Bandits

Resources

Blogs MasterClass Series Case Studies E-Books New Advisory Media

Tools

securecode.wiki New

Pune Location Europe Location

Technical
Advisory

Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.

Vulnerability

Reflected XSS in GTranslate plugin of wordpress

Vulnerability Description

The GTranslate plugin before 2.8.52 for WordPress has Reflected XSS via a crafted link. This requires use of the hreflang tags feature within a sub-domain or sub-directory paid option.

CVE-ID

CVE-2020-11930

Vendor

GTranslate

Vulnerable Plugin

GTranslate plugin of wordpress

Disclosure Timeline

10th February 2020 reported to the vendor
18th February 2020 Fixed by vendor
20th April 2020 CVE assigned

Credits

Gaurav Nayak.

Technical Advisory