Unvalidated Debug Settings in Transposh WordPress Translation Plugin Allow for Remote Code Execution (RCE)
CVE-2022-25812 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
The Transposh WordPress Translation WordPress plugin before 1.0.8 does not validate its debug settings, which could allow allowing high privilege users such as admin to perform RCE
Learn more about our Wordpress Pen Testing.