All the vulnerabilites related to oferwald - Transposh WordPress Translation
cve-2022-2536
Vulnerability from cvelistv5
Published
2022-12-15 04:01
Modified
2025-01-23 20:29
Severity ?
EPSS score ?
Summary
The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient validation of settings on the 'tp_translation' AJAX action which makes it possible for unauthenticated attackers to bypass any restrictions and influence the data shown on the site. Please note this is a separate issue from CVE-2022-2461.
Notes from the researcher: When installed Transposh comes with a set of pre-configured options, one of these is the "Who can translate" setting under the "Settings" tab. However, this option is largely ignored, if Transposh has enabled its "autotranslate" feature (it's enabled by default) and the HTTP POST parameter "sr0" is larger than 0. This is caused by a faulty validation in "wp/transposh_db.php."
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| oferwald | Transposh WordPress Translation |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:39:08.222Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c774b520-9d9f-4102-8564-49673d5ae1e6"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.rcesecurity.com/2022/07/WordPress-Transposh-Exploiting-a-Blind-SQL-Injection-via-XSS/"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/transposh-translation-filter-for-wordpress/trunk/transposh.php?rev=2682425#L1989"
},
{
"tags": [
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/168120/wptransposh1081-authz.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.exploitalert.com/view-details.html?id=38949"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-2536"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2022-2536.txt"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-2536",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-23T20:29:15.429487Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-23T20:29:18.923Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Transposh WordPress Translation",
"vendor": "oferwald",
"versions": [
{
"lessThanOrEqual": "1.0.8.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Julien Ahrens"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient validation of settings on the \u0027tp_translation\u0027 AJAX action which makes it possible for unauthenticated attackers to bypass any restrictions and influence the data shown on the site. Please note this is a separate issue from CVE-2022-2461. \r\n\r\nNotes from the researcher: When installed Transposh comes with a set of pre-configured options, one of these is the \"Who can translate\" setting under the \"Settings\" tab. However, this option is largely ignored, if Transposh has enabled its \"autotranslate\" feature (it\u0027s enabled by default) and the HTTP POST parameter \"sr0\" is larger than 0. This is caused by a faulty validation in \"wp/transposh_db.php.\""
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-285 Improper Authorization",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-15T04:01:45.987Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c774b520-9d9f-4102-8564-49673d5ae1e6"
},
{
"url": "https://www.rcesecurity.com/2022/07/WordPress-Transposh-Exploiting-a-Blind-SQL-Injection-via-XSS/"
},
{
"url": "https://plugins.trac.wordpress.org/browser/transposh-translation-filter-for-wordpress/trunk/transposh.php?rev=2682425#L1989"
},
{
"url": "https://packetstormsecurity.com/files/168120/wptransposh1081-authz.txt"
},
{
"url": "https://www.exploitalert.com/view-details.html?id=38949"
},
{
"url": "https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-2536"
},
{
"url": "https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2022-2536.txt"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-11-14T00:00:00.000+00:00",
"value": "Disclosed"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2022-2536",
"datePublished": "2022-12-15T04:01:45.987Z",
"dateReserved": "2022-07-25T12:16:31.645Z",
"dateUpdated": "2025-01-23T20:29:18.923Z",
"requesterUserId": "8d345d3f-a59e-4410-a440-fac6e918fcfc",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-2461
Vulnerability from cvelistv5
Published
2022-09-06 17:18
Modified
2025-05-05 16:18
Severity ?
EPSS score ?
Summary
The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient permissions checking on the 'tp_translation' AJAX action and default settings which makes it possible for unauthenticated attackers to influence the data shown on the site.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| oferwald | Transposh WordPress Translation |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:39:07.801Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/223373fc-9d78-47f0-b283-109f8e00b802?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2461"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.rcesecurity.com/2022/07/WordPress-Transposh-Exploiting-a-Blind-SQL-Injection-via-XSS/"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/transposh-translation-filter-for-wordpress/trunk/transposh.php?rev=2682425#L1989"
},
{
"tags": [
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/167870/wptransposh107-auth.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.exploitalert.com/view-details.html?id=38891"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-2461",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:17:43.818829Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:18:40.559Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Transposh WordPress Translation",
"vendor": "oferwald",
"versions": [
{
"lessThanOrEqual": "1.0.8.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Julien Ahrens"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient permissions checking on the \u0027tp_translation\u0027 AJAX action and default settings which makes it possible for unauthenticated attackers to influence the data shown on the site."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-862 Missing Authorization",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-26T20:25:43.344Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/223373fc-9d78-47f0-b283-109f8e00b802?source=cve"
},
{
"url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2461"
},
{
"url": "https://www.rcesecurity.com/2022/07/WordPress-Transposh-Exploiting-a-Blind-SQL-Injection-via-XSS/"
},
{
"url": "https://plugins.trac.wordpress.org/browser/transposh-translation-filter-for-wordpress/trunk/transposh.php?rev=2682425#L1989"
},
{
"url": "https://packetstormsecurity.com/files/167870/wptransposh107-auth.txt"
},
{
"url": "https://www.exploitalert.com/view-details.html?id=38891"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-07-18T00:00:00.000+00:00",
"value": "Disclosed"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2022-2461",
"datePublished": "2022-09-06T17:18:58.000Z",
"dateReserved": "2022-07-18T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:18:40.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-2462
Vulnerability from cvelistv5
Published
2022-09-06 17:18
Modified
2024-10-15 18:34
Severity ?
EPSS score ?
Summary
The Transposh WordPress Translation plugin for WordPress is vulnerable to sensitive information disclosure to unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient permissions checking on the 'tp_history' AJAX action and insufficient restriction on the data returned in the response. This makes it possible for unauthenticated users to exfiltrate usernames of individuals who have translated text.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| oferwald | Transposh WordPress Translation |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:39:07.647Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bd1f12ac-86ac-4be9-9575-98381c3b4291?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/transposh-translation-filter-for-wordpress/trunk/transposh.php?rev=2682425#L1948"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2462"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.rcesecurity.com/2022/07/WordPress-Transposh-Exploiting-a-Blind-SQL-Injection-via-XSS/"
},
{
"tags": [
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/167878/wptransposh1081-disclose.txt"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-2462",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:29:07.716419Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T18:34:52.936Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Transposh WordPress Translation",
"vendor": "oferwald",
"versions": [
{
"lessThanOrEqual": "1.0.8.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Julien Ahrens"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Transposh WordPress Translation plugin for WordPress is vulnerable to sensitive information disclosure to unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient permissions checking on the \u0027tp_history\u0027 AJAX action and insufficient restriction on the data returned in the response. This makes it possible for unauthenticated users to exfiltrate usernames of individuals who have translated text."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-200 Information Exposure",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-11T08:32:55.069Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bd1f12ac-86ac-4be9-9575-98381c3b4291?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/transposh-translation-filter-for-wordpress/trunk/transposh.php?rev=2682425#L1948"
},
{
"url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2462"
},
{
"url": "https://www.rcesecurity.com/2022/07/WordPress-Transposh-Exploiting-a-Blind-SQL-Injection-via-XSS/"
},
{
"url": "https://packetstormsecurity.com/files/167878/wptransposh1081-disclose.txt"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-07-18T00:00:00.000+00:00",
"value": "Disclosed"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2022-2462",
"datePublished": "2022-09-06T17:18:57",
"dateReserved": "2022-07-18T00:00:00",
"dateUpdated": "2024-10-15T18:34:52.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}