sitepress-multilingual-cms logo


Plugin Vulnerabilities

2020-03-09 WPML < 4.3.7 - Authenticated Cross Site Request Forgery leading to Remot... fixed in version 4.3.7  - plugin closed
2018-10-08 WPML <= 3.6.3 - Unauthenticated Stored Cross-Site Scripting (XSS) fixed in version 4.0  - plugin closed
2015-09-02 WPML 2.9.3-3.2.6 - Cross-Site Scripting (XSS) in Accept-Language Header fixed in version 3.2.7  - plugin closed
2015-03-12 WPML <= - Multiple Vulnerabilities (Including SQLi) fixed in version 3.1.9  - plugin closed

Is this your plugin?

We offer WordPress plugin security testing to help identify security vulnerabilities within your plugin. Please note that this is a paid service. If you are interested in talking about having your plugin tested by WordPress security experts, get in touch.