https://www.pluginvulnerabilities.com/2017/10/11/authenticated-option-deletion-vulnerability-in-my-wp-translate/

Recently we went to check on a report of a cross-site scripting (XSS) vulnerability in the plugin My WP Translate and while looking into that we noticed that there were a number AJAX accessible functions that didn’t have the proper protection so that anyone logged in could access them. That is an all too common situation. On a lot of

Share This