Vulnerabilities > Onthegosystems > Sitepress Multilingual CMS > 2.9.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-14 | CVE-2020-10568 | Cross-Site Request Forgery (CSRF) vulnerability in Onthegosystems Sitepress-Multilingual-Cms 2.9.3/3.2.6/4.3.7 The sitepress-multilingual-cms (WPML) plugin before 4.3.7-b.2 for WordPress has CSRF due to a loose comparison. | 8.8 |
| 2019-09-26 | CVE-2015-9416 | Cross-site Scripting vulnerability in Onthegosystems Sitepress-Multilingual-Cms 2.9.3/3.2.6 The sitepress-multilingual-cms (WPML) plugin 2.9.3 to 3.2.6 for WordPress has XSS via the Accept-Language HTTP header. | 6.1 |