← back
CVE-2020-11930

CVE-2020-11930

EPSS 4.5%
The GTranslate plugin before 2.8.52 for WordPress has Reflected XSS via a crafted link. This requires use of the hreflang tags feature within a sub-domain or sub-directory paid option.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://plugins.trac.wordpress.org/changeset/2245581/gtranslatehttps://plugins.trac.wordpress.org/changeset/2245591/gtranslatehttps://wordpress.org/plugins/gtranslate/#developershttps://wpvulndb.com/vulnerabilities/10181