The qtranslate-x plugin prior to 3.4.4 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=qtranslate-x json_config_files or json_custom_i18n_config parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
qtranslate x project qtranslate x |