Browse all 4 CVE security advisories affecting conveythis. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Conveythis is a website localization service enabling businesses to translate and adapt content across multiple languages. Historically, the platform has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its four recorded CVEs. These vulnerabilities typically stem from insufficient input validation and improper access controls in its translation management system. While no major public security incidents have been widely reported, the consistent pattern of critical vulnerabilities in its codebase suggests ongoing challenges in secure development practices, potentially exposing client data and systems to compromise.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-68021 | WordPress ConveyThis plugin <= 269.9 - Broken Access Control vulnerability — ConveyThisCWE-862 | 6.5 | Medium | 2026-02-20 |
| CVE-2025-62152 | WordPress ConveyThis plugin <= 269.2 - Broken Access Control vulnerability — ConveyThisCWE-862 | 5.3 | Medium | 2025-12-09 |
| CVE-2025-57919 | WordPress ConveyThis plugin <= 269.1 - PHP Object Injection vulnerability — ConveyThisCWE-502 | 7.2 | High | 2025-09-22 |
| CVE-2023-6811 | Language Translate Widget for WordPress – ConveyThis <= 223 - Unauthenticated Stored Cross-Site Scripting via api_key — Translate WordPress Websites Globally with ConveyThis TranslateCWE-79 | 7.2 | High | 2024-04-11 |
This page lists every published CVE security advisory associated with conveythis. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.