My Wp Translate CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-8425	2 Mythemeshop, Wordpress	2 My Wp Translate, Wordpress	2025-09-12	8.8 High
The My WP Translate plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the ajax_import_strings() function in all versions up to, and including, 1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.
CVE-2025-8423	2 Mythemeshop, Wordpress	2 My Wp Translate, Wordpress	2025-09-12	5.4 Medium
The My WP Translate plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the mtswpt_remove_plugin() and ajax_update_export_code() functions in all versions up to, and including, 1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read and delete arbitrary WordPress options which can cause a denial of service.
CVE-2017-18569	1 Mythemeshop	1 My Wp Translate	2024-11-21	N/A
The my-wp-translate plugin before 1.0.4 for WordPress has CSRF.
CVE-2017-18568	1 Mythemeshop	1 My Wp Translate	2024-11-21	N/A
The my-wp-translate plugin before 1.0.4 for WordPress has XSS.

Page 1 of 1.