CVE-2020-11930

Name of the Vulnerable Software and Affected Versions GTranslate plugin versions prior to 2.8.52

Description The issue is related to Reflected XSS, which can be triggered via a crafted link. This requires the use of the hreflang tags feature within a sub-domain or sub-directory paid option.

Recommendations For versions prior to 2.8.52, update to version 2.8.52 or later to resolve the issue. As a temporary workaround, consider disabling the hreflang tags feature until a patch is available. Restrict access to the paid options that include sub-domain or sub-directory features to minimize the risk of exploitation.