Security Advisory

CVE-2022-38461

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-11-17 21:59:46

Last updated 2026-04-28 16:07:47

Assigner Patchstack

State PUBLISHED

Description

Broken Access Control vulnerability in WPML Multilingual CMS premium plugin <= 4.5.10 on WordPress allows users with a subscriber or higher user role to change plugin settings (selected language for legacy widgets, the default behavior for media content).

← Browse all CVEs View on cve.org ↗