VulnTitan VulnTitan Security command center
Plugin Vulnerability Hub
Plugin 4 known issues Latest disclosed Sep 10, 2025

My WP Translate Vulnerabilities

Review known vulnerability records for the WordPress plugin My WP Translate (`my-wp-translate`), including severity, CVE references, affected versions, and patch status.

Recent tracked CVEs on this page include CVE-2025-8425, CVE-2025-8423 and CVE-2017-18568, so operators can jump from disclosure to patch validation without scanning the full feed first.

View on WordPress.org Back to Feed
Known Records
4
High or Critical
2
Patch Coverage
100%
Last Updated
Sep 11, 2025
Priority CVE Quick Links

Fast paths into My WP Translate CVE reports

Start with the highest-signal CVE records for this WordPress plugin before scanning the full vulnerability feed.

Indexed CVEs
4
CVE-2025-8425 High No patch listed
CVE-2025-8425 My WP Translate Privilege Escalation

My WP Translate <= 1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update

CVE-2017-18569 High 1.0.4
CVE-2017-18569 My WP Translate Authorization Bypass

My WP Translate <= 1.0.3 - Unprotected AJAX Actions

CVE-2017-18568 Medium 1.0.4
CVE-2017-18568 My WP Translate Cross-Site Scripting

My WP Translate <= 1.0.3 - Reflected Cross-Site Scripting

CVE-2025-8423 Medium No patch listed
CVE-2025-8423 My WP Translate Vulnerability

My WP Translate <= 1.1 - Authenticated (Subscriber+) Missing Authorization to Arbitrary Option Read and Deletion

Coverage Snapshot

What this page helps you verify fast

This hub clusters every indexed record for My WP Translate so operators can confirm whether a disclosed issue maps to the installed slug, version range, and patch path.

Patch Visibility
4 records include a published patch path, leaving 0 with no listed safe release yet.
Severity Mix
0 critical and 2 high severity findings.
Recent CVEs
CVE-2025-8425, CVE-2025-8423 and CVE-2017-18568
Reference Workflow
Jump from the hub into the full report when you need remediation notes, exploit context, CVSS vectors, or source references.
Triage First

Open the records most likely to drive action

These recent records surface the CVE strings, patch cues, and direct report links most operators need first.

Known Vulnerabilities

Reports for My WP Translate

Sorted by latest disclosure date so newly published issues surface first.

Plugin High Patched: No CVE-2025-8425
CVE-2025-8425: My WP Translate <= 1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update

The My WP Translate plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the ajax_import_strings() function in all versions up to, and including, 1.1. This makes it possible for authenti...

Published
Sep 10, 2025
Patched Release
Not published
Affected Versions
Versions up to 1.1
Next Step
Open the full report for remediation notes and references.
Open CVE-2025-8425 Report Open CVE Reference
Plugin Medium Patched: No CVE-2025-8423
CVE-2025-8423: My WP Translate <= 1.1 - Authenticated (Subscriber+) Missing Authorization to Arbitrary Option Read and Deletion

The My WP Translate plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the mtswpt_remove_plugin() and ajax_update_export_code() functions in all versions up to, and including, 1.1. This makes it possible for authenticated...

Published
Sep 10, 2025
Patched Release
Not published
Affected Versions
Versions up to 1.1
Next Step
Open the full report for remediation notes and references.
Open CVE-2025-8423 Report Open CVE Reference
Plugin Medium Patched: Yes CVE-2017-18568
CVE-2017-18568: My WP Translate <= 1.0.3 - Reflected Cross-Site Scripting

The My WP Translate plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping on the 'tab' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web s...

Published
Oct 10, 2017
Patched Release
1.0.4
Affected Versions
Versions up to 1.0.3
Next Step
Update to 1.0.4 or newer if supported.
Open CVE-2017-18568 Report Open CVE Reference
Plugin High Patched: Yes CVE-2017-18569
CVE-2017-18569: My WP Translate <= 1.0.3 - Unprotected AJAX Actions

The My WP Translate plugin for WordPress is vulnerable to an authorization bypass weakness in versions up to, and including, 1.0.3. This is due to missing capability checks and nonce validation on the following functions: ajax_translation_panel(), ajax_save_translation(), ajax_ad...

Published
Oct 09, 2017
Patched Release
1.0.4
Affected Versions
Versions before 1.0.4
Next Step
Update to 1.0.4 or newer if supported.
Open CVE-2017-18569 Report Open CVE Reference