Vulnerabilities > CVE-2022-0770 - Unspecified vulnerability in Gtranslate Translate Wordpress With Gtranslate
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The Translate WordPress with GTranslate WordPress plugin before 2.9.9 does not have CSRF check in some files, and write debug data such as user's cookies in a publicly accessible file if a specific parameter is used when requesting them. Combining those two issues, an attacker could gain access to a logged in admin cookies by making them open a malicious link or page