CVE-2020-11930

The GTranslate plugin before 2.8.52 for WordPress has Reflected XSS via a crafted link. This requires use of the hreflang tags feature within a sub-domain or sub-directory paid option. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt