
GPTranslate WordPress Plugin CVE-2026-9109

EUVD-2026-36642 · HIGH
Cross-site Scripting (XSS) (CWE-79)
Published 2026-06-13 · Reporter: Wordfence · GHSA-j66v-hr5c-cjh2
7.2 (CVSS 3.1, NVD)

Severity by source

Vendor (Wordfence), primary: HIGH (qualitative)
NVD: 7.2 HIGH, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
vuln.today AI: 6.1 MEDIUM
  Rationale: network-reachable REST endpoint with no authentication (the API key is publicly derivable), but a victim must load the poisoned page (UI:R); the injected script runs in the site origin, so scope changes, with low confidentiality and integrity impact.
  CVSS 3.1: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  CVSS 4.0: AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

Primary rating from Vendor (Wordfence). The NVD and vuln.today CVSS 3.1 vectors differ in exactly one metric, User Interaction (UI:N versus UI:R); that single metric is the whole 7.2 versus 6.1 gap, so the disagreement is about scoring convention, not about the facts of the bug.

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: Low
Integrity: Low
Availability: None

Lifecycle Timeline

CVE Published: Jun 13, 2026 05:32 (cve.org)
Analysis Generated: Jun 13, 2026 07:12 (vuln.today)

Description (NVD)

The GPTranslate - Multilingual AI Translation for WordPress: Automatically Translate Websites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API Translation Storage in all versions up to, and including, 2.31 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The deterministically derived API key (sha256 of the site URL) is printed in the HTML source of every page via the JavaScript variable gptApiKey, meaning any unauthenticated visitor can retrieve the key and submit malicious translation payloads to the /wp-json/gptranslate/v1/request endpoint without any additional precondition.

Analysis (AI)

Stored cross-site scripting in the GPTranslate - Multilingual AI Translation WordPress plugin (versions ≤ 2.31) allows unauthenticated attackers to inject arbitrary JavaScript into translated pages via the /wp-json/gptranslate/v1/request REST endpoint. Because the API key is deterministically derived as sha256(site_url) and exposed in every page's HTML as the gptApiKey JavaScript variable, any visitor can recover it and submit malicious translation payloads that execute in the browsers of subsequent visitors. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Recon: visit any public page and scrape gptApiKey from the HTML source
Delivery: compute or confirm the sha256(site_url) API key
Exploit: POST a malicious translation to /wp-json/gptranslate/v1/request
Install: the poisoned translation is cached server-side
C2: a victim loads the translated page
Execute: the script executes in the site origin
Impact: steal an admin session or redirect users

Vulnerability Assessment (AI)

Exploitation: The target WordPress site must have the GPTranslate - Multilingual AI Translation plugin installed and active at version 2.31 or earlier, with the REST API enabled (the WordPress default). …
Risk Assessment: The NVD vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N (7.2 High) matches the description on reachability (network, low complexity, no privileges) and on scope, since the injected script runs in the WordPress site origin against other users. The one debatable metric is User Interaction: NVD scores UI:N, treating a visitor loading the injected page as no interaction, whereas scoring stored XSS with UI:R, as the CVSS 3.1 guidance examples do, gives the 6.1 vuln.today score above. …
Exploit Scenario: An unauthenticated attacker visits any page on the target site and reads the gptApiKey JavaScript variable from the HTML source; because it is sha256(site_url) it is the same for every visitor and can equally be computed offline without ever touching the site. The attacker then POSTs a crafted translation payload containing JavaScript to /wp-json/gptranslate/v1/request. The payload is stored as the cached translation for a target page, and every subsequent visitor to that page executes the attacker's script in the site origin, enabling session hijacking of logged-in administrators or drive-by redirection. Note that WordPress sets its authentication cookies HttpOnly, so the practical path is not reading the cookie but riding the administrator's live session from the injected script (for example, issuing authenticated admin requests on their behalf). …
Remediation: Upgrade to GPTranslate 2.32 or later. The plugin trac (https://plugins.trac.wordpress.org/browser/gptranslate/tags/2.32/gptranslate.php) shows the 2.32 tag reworking the affected request handler around lines 1104 and 3574. …
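The recon, delivery and exploit stages above all rest on one fact: the key in every page is sha256 of the site URL, so any client can compute it. The following Python is an added triage helper for the inventory step, not code from the plugin, Wordfence or vuln.today. It assumes the key appears in the HTML as an assignment of the form `var gptApiKey = "<64 hex chars>"`, and, because the page does not say exactly which form of the site URL is hashed, it tries several normalisations of the URL and reports which one matched. The version check uses tuple comparison, since treating 2.31 as a float would rank it above 2.4. The sample page HTML is constructed.

```python
"""Exposure triage for the deterministic gptApiKey (CVE-2026-9109).

Added example; not code from the plugin, Wordfence or vuln.today.
Assumptions: the key is emitted as  gptApiKey = "<hex sha256>"  in page HTML,
and the hashed string is some simple form of the site URL (candidates below).
"""
import hashlib
import re
from typing import Iterator, Optional

AFFECTED_MAX = (2, 31)  # NVD: "all versions up to, and including, 2.31"
KEY_RE = re.compile(r'gptApiKey\s*[=:]\s*["\']([0-9a-fA-F]{64})["\']')


def parse_version(version: str) -> tuple:
    """'2.31' -> (2, 31). Tuple comparison avoids the float trap (2.4 > 2.31)."""
    return tuple(int(p) for p in re.findall(r"\d+", version))


def is_affected(version: str) -> bool:
    return parse_version(version) <= AFFECTED_MAX


def extract_key(html: str) -> Optional[str]:
    """Return the gptApiKey value found in the HTML, lower-cased, or None."""
    m = KEY_RE.search(html)
    return m.group(1).lower() if m else None


def url_candidates(site_url: str) -> Iterator[str]:
    """Plausible inputs to sha256(site_url); the exact form is an assumption."""
    bare = site_url.rstrip("/")
    seen = set()
    for cand in (site_url, bare, bare + "/",
                 bare.replace("https://", "http://", 1),
                 bare.replace("http://", "https://", 1)):
        if cand not in seen:
            seen.add(cand)
            yield cand


def derived_from(site_url: str, key: str) -> Optional[str]:
    """Which URL form hashes to the key, or None if the key is not derivable."""
    for cand in url_candidates(site_url):
        if hashlib.sha256(cand.encode("utf-8")).hexdigest() == key:
            return cand
    return None


def triage(site_url: str, html: str, version: Optional[str] = None) -> dict:
    """Summarise whether a site meets the no-precondition exploitation case."""
    key = extract_key(html)
    source = derived_from(site_url, key) if key else None
    affected = is_affected(version) if version else None
    return {
        "key_exposed": key is not None,
        "key_derivable": source is not None,
        "hashed_input": source,
        "version_affected": affected,
        # derivable key + affected (or unknown) version = exploitable unauthenticated
        "unauthenticated_exploitable": source is not None and affected is not False,
    }


# Constructed sample: a page that embeds sha256 of the bare site URL.
SAMPLE_SITE = "https://example.com/"
SAMPLE_HTML = (
    "<html><head><script>var gptApiKey = \"%s\";</script></head></html>"
    % hashlib.sha256(b"https://example.com").hexdigest()
)

if __name__ == "__main__":
    print(triage(SAMPLE_SITE, SAMPLE_HTML, "2.31"))
```

A site where the key is present but matches none of the candidates still has `key_exposed` set, which is worth a manual look: the hashed input may simply be a form this helper does not try. A site where the key is derivable and the version is unknown is reported as exploitable, since the page gives no lower bound for the affected range.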

Recommended Action (AI)

Within 24 hours: Inventory all WordPress instances running GPTranslate plugin versions ≤ 2.31 and immediately disable/uninstall the plugin. …
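Before the plugin is disabled, the same inventory pass is the moment to check whether the endpoint has already been used against a site. The following Python is an added hunting script over web-server access logs, not code from vuln.today, Wordfence or the plugin. It assumes the combined log format (the Apache and nginx default) and assumes, from the fact that the key is printed in every page for client-side use, that ordinary visitors' browsers also POST to the route with the site as Referer; so a client that POSTs without ever loading a page, sends an off-origin Referer, or posts in bulk is singled out. The log lines are constructed. A hit is a lead for reviewing the stored translations on that site, not proof of compromise.

```python
"""Hunt for scripted POSTs to the GPTranslate REST route in access logs.

Added example; not from vuln.today, Wordfence or the plugin. Assumes the
combined log format. Because legitimate browsers also POST to this route
(assumption: the plugin's front-end JavaScript uses the gptApiKey printed in
the page), the heuristics below flag clients that never load a page, send an
off-origin Referer, or post in bulk.
"""
import re
from collections import defaultdict
from typing import Dict, Iterable, List, Optional

ENDPOINT = "/wp-json/gptranslate/v1/request"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


def parse_line(line: str) -> Optional[dict]:
    m = LINE_RE.match(line)
    return m.groupdict() if m else None


def hunt(lines: Iterable[str], site_origin: str) -> Dict[str, dict]:
    """Per-IP statistics for POSTs to ENDPOINT, plus whether the IP ever viewed a page."""
    findings: Dict[str, dict] = defaultdict(
        lambda: {"posts": 0, "off_origin_referer": 0, "user_agents": set(), "no_page_view": True}
    )
    page_viewers = set()
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # malformed line; a real run would count these separately
        path = rec["path"].split("?", 1)[0]
        if rec["method"] == "GET" and not path.startswith("/wp-json/"):
            page_viewers.add(rec["ip"])
        if rec["method"] == "POST" and path == ENDPOINT:
            f = findings[rec["ip"]]
            f["posts"] += 1
            f["user_agents"].add(rec["ua"])
            if not rec["referer"].startswith(site_origin):
                f["off_origin_referer"] += 1
    for ip, f in findings.items():
        f["no_page_view"] = ip not in page_viewers
    return dict(findings)


def suspicious(findings: Dict[str, dict], bulk_threshold: int = 20) -> List[str]:
    """IPs worth pulling the stored translations for."""
    return sorted(
        ip for ip, f in findings.items()
        if f["no_page_view"] or f["off_origin_referer"] or f["posts"] >= bulk_threshold
    )


# Constructed sample log: one ordinary visitor, one scripted client, one junk line.
SAMPLE_LOG = """\
203.0.113.5 - - [13/Jun/2026:06:01:02 +0000] "GET /about/ HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.5 - - [13/Jun/2026:06:01:03 +0000] "POST /wp-json/gptranslate/v1/request HTTP/1.1" 200 312 "https://example.com/about/" "Mozilla/5.0"
198.51.100.7 - - [13/Jun/2026:06:07:44 +0000] "POST /wp-json/gptranslate/v1/request HTTP/1.1" 200 312 "-" "curl/8.5.0"
198.51.100.7 - - [13/Jun/2026:06:07:45 +0000] "POST /wp-json/gptranslate/v1/request?lang=de HTTP/1.1" 200 312 "-" "curl/8.5.0"
this line is not an access-log record
"""

if __name__ == "__main__":
    result = hunt(SAMPLE_LOG.splitlines(), "https://example.com")
    for ip in suspicious(result):
        print(ip, result[ip]["posts"], sorted(result[ip]["user_agents"]))
```

The Referer check is the weakest of the three signals, since a client can set any Referer it likes and some privacy settings strip it; the "no page view at all" signal is the one that most directly reflects the attack flow on this page, where the key can be computed offline and the endpoint called cold.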


CVE-2026-9109 vulnerability details – vuln.today
