Learning source code review, spot vulnerability, find some ways how to fix it.
- Authenticated Stored XSS on Custom text for the floating widget field - Translate WordPress – Google Language Translator
- Translate Multilingual sites - TranslatePress < 2.0.9 - Authenticated Stored Cross-Site Scripting - CVE-2021-24610
This is just my note to learn source code review and how to make the exploit. Let me know if I do anything wrong, your feedback is always welcome.
30 August 2021