{"uuid": "fe183b42-4ac8-422f-9575-7bfe5c32142f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9109", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mo5vdj745l2x", "content": "GPTranslate for WordPress (<=2.31) hit by HIGH severity stored XSS (CVE-2026-9109). Unauthenticated attackers can inject scripts via REST API. Disable or restrict plugin until patched. https://radar.offseq.com/threat/cve-2026-9109-cwe-79-improper-neutralization-of-in-ff1b31ef #OffSeq #WordPress #XSS", "creation_timestamp": "2026-06-13T09:01:21.400845Z"}