Vulnerabilities in WPML
2 resultsCVE-2024-6386CRITICALWPML Multilingual CMS <= 4.6.12 - Authenticated (Contributor+) Remote Code Execution via Twig Server-Side Template InjectionEPSS 25.0%CVE-2025-3488MEDIUMWPML Multilingual CMS 3.6.0 - 4.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpml_language_switcher ShortcodeEPSS 0.2%