← Back

Sitepress Multilingual Cms

sitepress-multilingual-cms

Vendor: Onthegosystems • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-10568
1Onthegosystems
1Sitepress Multilingual Cms
Jun 17, 2026
Mar 14, 2020
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
The sitepress-multilingual-cms (WPML) plugin before 4.3.7-b.2 for WordPress has CSRF due to a loose comparison. This leads to remote code execution in includes/class-wp-installer.php via a series of requests that leverag...Show more
The sitepress-multilingual-cms (WPML) plugin before 4.3.7-b.2 for WordPress has CSRF due to a loose comparison. This leads to remote code execution in includes/class-wp-installer.php via a series of requests that leverage unintended comparisons of integers to strings.Show less
CVE-2015-9416
1Onthegosystems
1Sitepress Multilingual Cms
Nov 21, 2024
Sep 26, 2019
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
The sitepress-multilingual-cms (WPML) plugin 2.9.3 to 3.2.6 for WordPress has XSS via the Accept-Language HTTP header.