CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

The DeepL Pro API translation plugin WordPress plugin before 1.7.5 discloses sensitive information (including the DeepL API key) in files that are publicly accessible to an external, unauthenticated visitor.

CWE 1 Total

Learn more

CWE-552 Files or Directories Accessible to External Parties

Product Status

Learn more

Versions 1 Total

Default Status: unaffected

affected

Credits

Raad Haddad of Cloudyrion GmbH finder
WPScan coordinator

References 1 Total

https://wpscan.com/vulnerability/4248a0af-1b7e-4e29-8129-3f40c1d0c560
external site
exploitvdb-entrytechnical-description

Updated: 2024-08-03

This container includes required additional information provided by the CVE Program for this vulnerability.

References 1 Total

https://wpscan.com/vulnerability/4248a0af-1b7e-4e29-8129-3f40c1d0c560
external site
exploitvdb-entrytechnical-descriptionx_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: WPScan

Description

CWE 1 Total

Product Status

Credits

References 1 Total

CVE Program

References 1 Total