2023-07-10 12:40:36
WPScan
PUBLISHED
The Greeklish-permalink WordPress plugin through 3.3 does not implement correct authorization or nonce checks in the cyrtrans_ajax_old AJAX action, allowing unauthenticated and low-privilege users to trigger the plugins functionality to change Post slugs either directly or through CSRF.