Unvalidated Debug Settings in Transposh WordPress Translation Plugin Allow for Remote Code Execution (RCE)

Unvalidated Debug Settings in Transposh WordPress Translation Plugin Allow for Remote Code Execution (RCE)

CVE-2022-25812 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

The Transposh WordPress Translation WordPress plugin before 1.0.8 does not validate its debug settings, which could allow allowing high privilege users such as admin to perform RCE

Learn more about our Wordpress Pen Testing.