cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-4410,https://securityvulnerability.io/vulnerability/CVE-2021-4410,Cross-Site Request Forgery Vulnerability in Qtranslate Slug for WordPress,"The Qtranslate Slug plugin for WordPress suffers from a Cross-Site Request Forgery vulnerability that affects versions up to 1.1.18. This issue arises from inadequate nonce validation in the save_postdata() function, allowing attackers to create forged requests. If a site administrator is tricked into clicking a malicious link, an unauthorized attacker could manipulate post data without authentication, leading to potential unauthorized changes on the WordPress site.",Wordpress,Qtranslate Slug,4.3,MEDIUM,0.00046999999904073775,false,,false,false,false,,false,false,2023-07-12T03:02:03.286Z,0
CVE-2015-10092,https://securityvulnerability.io/vulnerability/CVE-2015-10092,Qtranslate Slug Plugin class-qtranslate-slug.php add_slug_meta_box cross site scripting,A vulnerability was found in Qtranslate Slug Plugin up to 1.1.16 on WordPress. It has been classified as problematic. Affected is the function add_slug_meta_box of the file includes/class-qtranslate-slug.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 1.1.17 is able to address this issue. The name of the patch is 74b3932696f9868e14563e51b7d0bb68c53bf5e4. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-222324.,Wordpress,Qtranslate Slug Plugin,3.5,LOW,0.000859999970998615,false,,false,false,false,,false,false,2023-03-06T05:31:04.279Z,0
CVE-2015-9431,https://securityvulnerability.io/vulnerability/CVE-2015-9431,,The qtranslate-x plugin before 3.4.4 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=qtranslate-x json_config_files or json_custom_i18n_config parameter.,Wordpress,Qtranslate X,6.5,MEDIUM,0.0021299999207258224,false,,false,false,false,,false,false,2019-09-26T01:06:12.000Z,0
CVE-2015-5535,https://securityvulnerability.io/vulnerability/CVE-2015-5535,,Cross-site scripting (XSS) vulnerability in the qTranslate plugin 2.5.39 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the edit parameter in the qtranslate page to wp-admin/options-general.php.,Wordpress,Qtranslate,,,0.005439999978989363,false,,false,false,false,,false,false,2015-08-13T14:00:00.000Z,0
CVE-2013-3251,https://securityvulnerability.io/vulnerability/CVE-2013-3251,,Cross-site request forgery (CSRF) vulnerability in the qTranslate plugin 2.5.34 and earlier for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors.,Wordpress,Qtranslate,,,0.0009200000204145908,false,,false,false,false,,false,false,2014-04-10T14:00:00.000Z,0