QSearchQSearch

CVE-2026-49776

9.3 CRITICAL

Unauthenticated SQL Injection in GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites <= 2.32.6 vers...

Published: 2026-06-15 · Last updated: 2026-06-15

Severity and scoring

CVSS
9.3 CRITICAL
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
CWE
CWE-89

Description

Unauthenticated SQL Injection in GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites <= 2.32.6 versions.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-52700 Subscriber SQL Injection in WCMultiShipping <= 3.0.2 versions (8.5 HIGH)
  • CVE-2026-52697 Subscriber SQL Injection in Taskbuilder <= 5.0.7 versions (8.5 HIGH)
  • CVE-2026-52693 Unauthenticated SQL Injection in eCommerce Product Catalog <= 3.5.5 versions (9.3 CRITICAL)
  • CVE-2026-49067 Unauthenticated SQL Injection in Advanced 301 and 302 Redirect <= 1.6.9 versions (9.3 CRITICAL)
  • CVE-2026-48964 Subscriber SQL Injection in ELEX WordPress HelpDesk & Customer Ticketing System <= 3.3.6 versions (8.5 HIGH)