CVE-2022-25810 Information

Description

The Transposh WordPress Translation WordPress plugin through 1.0.8 exposes a couple of sensitive actions such has “tp_reset� under the Utilities tab (/wp-admin/admin.php?page=tp_utils) which can be used/executed as the lowest-privileged user. Basically all Utilities functionalities are vulnerable this way which involves resetting configurations and backup/restore operations.

Reference

https://wpscan.com/vulnerability/9a934a84-f0c7-42ed-b980-bb168b2c5892