First published: Fri Jan 12 2018(Updated: )
The SrbTransLatin plugin 1.46 for WordPress has XSS via an srbtranslatoptions action to wp-admin/options-general.php with a lang_identificator parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Srbtranslatin Project Srbtranslatin | =1.46 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-5369 is a vulnerability in the SrbTransLatin plugin 1.46 for WordPress that allows for cross-site scripting (XSS) attacks.
CVE-2018-5369 works by exploiting the srbtranslatoptions action in wp-admin/options-general.php with a lang_identificator parameter.
CVE-2018-5369 has a severity rating of medium, with a CVSS score of 4.8.
To fix CVE-2018-5369, update the SrbTransLatin plugin to version 1.47 or later.
You can find more information about CVE-2018-5369 at the following references: [GitHub](https://github.com/d4wner/Vulnerabilities-Report/blob/master/SrbTransLatin.md), [WPScan](https://wpvulndb.com/vulnerabilities/9004).