|2020-03-09||WPML < 4.3.7 - Authenticated Cross Site Request Forgery leading to Remot...||fixed in version 4.3.7 - plugin closed|
|2018-10-08||WPML <= 3.6.3 - Unauthenticated Stored Cross-Site Scripting (XSS)||fixed in version 4.0 - plugin closed|
|2015-09-02||WPML 2.9.3-3.2.6 - Cross-Site Scripting (XSS) in Accept-Language Header||fixed in version 3.2.7 - plugin closed|
|2015-03-12||WPML <= 188.8.131.52 - Multiple Vulnerabilities (Including SQLi)||fixed in version 3.1.9 - plugin closed|
Is this your plugin?
We offer WordPress plugin security testing to help identify security vulnerabilities within your plugin. Please note that this is a paid service. If you are interested in talking about having your plugin tested by WordPress security experts, get in touch.