
CVE-2022-2461 Scanner
CVE-2022-2461 Scanner - Missing Authorization vulnerability in Transposh WordPress Translation
Short Info
Level: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 9 days 15 hours
Scan only one: Domain, Subdomain, IPv4
Toolbox: -
The Transposh WordPress Translation plugin is widely used by website owners to translate site content into other languages automatically. It integrates with WordPress, the highly popular content management system for creating and managing websites, and helps sites reach a broader audience by catering to speakers of different languages across the globe. It is mostly used by bloggers, small businesses, and others who want a multi-language online presence. The plugin simplifies content translation, integrates seamlessly with the WordPress environment, and is designed to improve the user experience by offering language switching on the website.
The vulnerability is a Missing Authorization issue in the Transposh WordPress Translation plugin. When exploited, unauthorized users are able to alter plugin settings without approval, because the plugin fails to adequately check permissions on certain actions. The issue affects versions up to 1.0.8, in which the default settings and insufficient permission checking are present. It allows attackers to influence sensitive settings and potentially manipulate displayed data. The root cause is the 'tp_translation' AJAX action being improperly secured, which opens the way to unauthorized changes.
Technically, the vulnerability exists because the 'tp_translation' AJAX action in the plugin lacks adequate permission checks. The endpoint lets unauthenticated users perform settings changes they are not authorized to make. The parameters involved, such as 'ln0', 'sr0', 'items', and others, can be manipulated through crafted requests to change plugin settings. The plugin handles these requests through '/wp-admin/admin-ajax.php', where the settings changes are triggered. Exploitation could lead to further unexpected behavior on any WordPress site using the plugin.
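The missing check described above is the difference between an AJAX handler that merely accepts a request and one that authorizes it. The following is an added illustration written for this page, not Transposh code or anything taken from the advisory: it shows the shape of a privileged admin-ajax.php action registered the way WordPress expects, with a capability check, a nonce check, and input validation before any setting is stored. The action name 'example_update_settings', the option key 'example_plugin_settings', and the 'language' parameter are hypothetical placeholders.

```php
<?php
// Added illustration (not Transposh code): a privileged admin-ajax.php action
// with the authorization checks whose absence the advisory describes.
// 'example_update_settings' and 'example_plugin_settings' are hypothetical names.

// Handlers registered under the wp_ajax_ prefix are reachable only by logged-in
// users. Registering the same handler under wp_ajax_nopriv_ would expose it to
// unauthenticated visitors, so a settings action should never be registered there.
add_action( 'wp_ajax_example_update_settings', 'example_update_settings' );

function example_update_settings() {
    // 1. Authorization: being logged in is not enough. Require the capability
    //    that actually governs changing plugin settings.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'forbidden' ), 403 );
    }

    // 2. CSRF protection: the request must carry a nonce issued to this user for
    //    this action (created on the admin page with
    //    wp_create_nonce( 'example_update_settings' )). check_ajax_referer()
    //    terminates the request if the nonce is missing or invalid.
    check_ajax_referer( 'example_update_settings', 'nonce' );

    // 3. Validation: accept only values from a known allow-list before anything
    //    reaches the stored settings.
    $allowed_languages = array( 'en', 'de', 'fr' );
    $language = isset( $_POST['language'] )
        ? sanitize_text_field( wp_unslash( $_POST['language'] ) )
        : '';
    if ( ! in_array( $language, $allowed_languages, true ) ) {
        wp_send_json_error( array( 'message' => 'invalid language' ), 400 );
    }

    // Only a user who passed all three checks can change the option.
    update_option( 'example_plugin_settings', array( 'language' => $language ) );
    wp_send_json_success( array( 'language' => $language ) );
}
```

When reviewing a plugin for this class of issue, the two questions to ask of every AJAX action are whether it is registered under wp_ajax_nopriv_ (and therefore reachable without a session) and whether the handler calls current_user_can() with a capability appropriate to the change it makes; a nonce check alone does not establish authorization, it only ties the request to the page that issued it.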
If exploited, the vulnerability can allow malicious users to make unauthorized changes to website translations and settings. This can alter how content is presented and may cause false information to be displayed to visitors. Site integrity and trust could be compromised, and unauthorized settings changes could disrupt normal website operations. Depending on the extent of the manipulation, SEO and visitor engagement could also suffer. Ultimately, the site's reputation and its effectiveness in reaching its audience could be harmed, so any unauthorized changes should be identified and reverted promptly.
REFERENCES
- https://wpscan.com/vulnerability/56a961b0-66b7-4dbf-a0e4-0cd38c9aa8dd/
- https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2022-2461.txt
- https://www.wordfence.com/threat-intel/vulnerabilities/id/223373fc-9d78-47f0-b283-109f8e00b802?source=cve
- https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2461