All 4 CVE vulnerabilities found in Loco Translate, with AI-generated Chinese analysis, references, and POCs.
Vendor: Unknown
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-4146 | Loco Translate <= 2.8.2 - Reflected Cross-Site Scripting via 'update_href' Parameter CWE-79 | 6.1 | Medium | 2026-03-31 |
| CVE-2024-37236 | WordPress Loco Translate plugin <= 2.6.9 - Cross Site Request Forgery (CSRF) vulnerability CWE-352 | 4.3 | Medium | 2025-01-02 |
| CVE-2022-0765 | Loco Translate < 2.6.1 - Authenticated Stored Cross-Site Scripting CWE-79 | 4.8 | - | 2022-04-18 |
| CVE-2021-24721 | Loco Translate < 2.5.4 - Authenticated PHP Code Injection CWE-94 | 6.5 | - | 2021-11-08 |
All 4 known CVE vulnerabilities affecting Loco Translate with full Chinese analysis, references, and POCs where available.