Webilop User Language Switch
3 CVEs affecting Webilop User Language Switch. Latest disclosed: 2026-02-14. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-49064 | High | 7.1 | 2025-08-14 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webilop User Language Switch user-language-switch allows… |
CVE-2026-0745 | Medium | 5.5 | 2026-02-14 | The User Language Switch plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.10 due to missing URL vali… |
CVE-2026-0735 | Medium | 4.4 | 2026-02-14 | The User Language Switch plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tab_color_picker_language_switch' parameter in all versions… |