CVE-2021-34630 Scanner
CVE-2021-34630 Scanner - Cross-Site Scripting (XSS) vulnerability in GTranslate
Short Info
Level: Medium
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 3 weeks 2 hours
Scan only one: URL
Toolbox: -
The GTranslate plugin is used by website administrators to enable automatic language translation services on WordPress-powered websites. It is popular among small to medium-sized businesses and content creators aiming to reach multilingual audiences. The Pro and Enterprise versions offer additional features like enhanced translation accuracy and support for multiple languages.
The vulnerability detected allows attackers to execute malicious scripts in the context of a user's browser session. It arises because the `gtranslate_request_uri_var` function does not adequately sanitize the contents of the `$_SERVER['REQUEST_URI']` variable under specific conditions, such as requests sent by older browsers or requests intercepted and modified by an attacker.
The issue stems from improper handling of user-controlled input carried in the request URI. `addslashes` is applied, but it only backslash-escapes quotes and backslashes and leaves HTML metacharacters untouched, so when an older browser or a non-standard client-server interaction delivers the URI without percent-encoding, the reflected value reaches the page as markup. The flaw affects every endpoint where `gtranslate_request_uri_var` is invoked on WordPress pages.
Successful exploitation could allow attackers to inject scripts that steal user data, hijack sessions, or perform malicious redirections. The flaw requires user interaction, such as visiting a crafted link, to be triggered.
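As an added illustration, not the GTranslate plugin's own code, the hypothetical helper below reflects the request URI into an HTML attribute the way the advisory describes, guarded only by addslashes(), next to a hardened version that encodes for the HTML attribute context; the function names and the sample URI are assumptions constructed for this example.

```php
<?php
// Added example, not the plugin's code. Assumption: a helper builds an HTML
// attribute from $_SERVER['REQUEST_URI'] and relies on addslashes() alone.

// Weak pattern: addslashes() backslash-escapes ' " \ and NUL, nothing else.
// In HTML a backslash is an ordinary character, so a quote still terminates
// the attribute and any < or > that arrived undecoded becomes live markup.
function request_uri_weak(string $request_uri): string
{
    return '<a href="' . addslashes($request_uri) . '">link</a>';
}

// Hardened pattern: treat the URI as data for the attribute context.
// 1. Accept only a same-site path (no scheme, no protocol-relative "//").
// 2. HTML-escape with ENT_QUOTES so ", ', <, > and & cannot break out.
// In WordPress, esc_url() followed by esc_attr() plays the same role.
function request_uri_hardened(string $request_uri): string
{
    if ($request_uri === '' || $request_uri[0] !== '/' || strncmp($request_uri, '//', 2) === 0) {
        $request_uri = '/';
    }
    $safe = htmlspecialchars($request_uri, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<a href="' . $safe . '">link</a>';
}

// Detection aid for log review: true when a raw (non-percent-encoded) URI
// still carries characters that are meaningful to an HTML parser.
function request_uri_has_html_metachars(string $request_uri): bool
{
    return preg_match('/[<>"\']/', $request_uri) === 1;
}

// Constructed sample modelling a request URI that reached PHP undecoded.
$sample = '/page/?lang="><b>injected</b>';

echo request_uri_weak($sample), PHP_EOL;      // attribute closes at the quote, <b> is rendered
echo request_uri_hardened($sample), PHP_EOL;  // every metacharacter is an HTML entity, inert
var_dump(request_uri_has_html_metachars($sample));
```

Run with `php example.php`; the first line of output still contains a literal `<b>` tag outside the attribute, the second contains only `&quot;`, `&lt;` and `&gt;` entities.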