cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-3141,https://securityvulnerability.io/vulnerability/CVE-2022-3141,Translatepress Multilinugal < 2.3.3 - Admin+ SQLi,"The Translate Multilingual sites WordPress plugin before 2.3.3 is vulnerable to an authenticated SQL injection. By adding a new language (via the settings page) containing specific special characters, the backticks in the SQL query can be surpassed and a time-based blind payload can be injected.",Wordpress,Translate Multilingual Sites – Translatepress,8.8,HIGH,0.0024300001095980406,false,,false,false,false,,false,false,2022-09-19T00:00:00.000Z,0
CVE-2021-24610,https://securityvulnerability.io/vulnerability/CVE-2021-24610,TranslatePress < 2.0.9 - Authenticated Stored Cross-Site Scripting,"The TranslatePress WordPress plugin before 2.0.9 does not implement a proper sanitisation on the translated strings. The 'trp_sanitize_string' function only removes script tag with a regex, still allowing other HTML tags and attributes to execute javascript, which could lead to authenticated Stored Cross-Site Scripting issues.",Wordpress,Translate Multilingual Sites – Translatepress,4.8,MEDIUM,0.0008999999845400453,false,,false,false,false,,false,false,2021-09-27T15:25:23.000Z,0