CVE-2025-30621
📋 TL;DR
A Cross-Site Request Forgery (CSRF) vulnerability in the kornelly Translator WordPress plugin allows attackers to inject malicious scripts that become stored XSS. When exploited, this lets attackers execute arbitrary JavaScript in victims' browsers. This affects all WordPress sites using Translator plugin versions up to 0.3.
💻 Affected Systems
- kornelly Translator WordPress plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could steal administrator session cookies, take over WordPress admin accounts, deface websites, or redirect visitors to malicious sites.
Likely Case
Attackers would inject malicious scripts to steal user session data or perform actions on behalf of authenticated users.
If Mitigated
With proper CSRF protections and content security policies, the attack surface is significantly reduced.
🎯 Exploit Status
Exploitation requires social engineering to trick authenticated users. The CSRF leads to stored XSS payload injection.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Version after 0.3
Vendor Advisory: https://patchstack.com/database/wordpress/plugin/translator/vulnerability/wordpress-translator-plugin-0-3-csrf-to-stored-xss-vulnerability?_s_id=cve
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins > Installed Plugins. 3. Find 'Translator' plugin. 4. Click 'Update Now' if update available. 5. If no update, deactivate and remove plugin immediately.
🔧 Temporary Workarounds
Disable Translator Plugin
WordPressTemporarily disable the vulnerable plugin until patched version is available
wp plugin deactivate translator
🧯 If You Can't Patch
- Remove Translator plugin completely from WordPress installation
- Implement strict Content Security Policy (CSP) headers to mitigate XSS impact
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel > Plugins > Installed Plugins for Translator plugin version 0.3 or earlierCheck Version:
wp plugin get translator --field=versionVerify Fix Applied:
Verify Translator plugin version is higher than 0.3 or plugin is removed📡 Detection & Monitoring
Log Indicators:
- Unusual POST requests to translator plugin endpoints
- JavaScript injection patterns in plugin settings
Network Indicators:
- CSRF token missing in requests to translator endpoints
- Unexpected cross-origin requests to plugin admin pages
SIEM Query:
source="wordpress" AND (plugin="translator" AND version<="0.3")