Posted by Jouko Pynnonen on Mar 12

*OVERVIEW*

WPML is the industry standard for creating multi-lingual WordPress sites.
Three vulnerabilities were found in the plug-in. The most serious of them,
an SQL injection problem, allows anyone to read the contents of the
WordPress database, including user details and password hashes, without
authentication.

System administrators should update to version 3.1.9.1 released earlier
this week to resolve the issues.

*DETAILS*

*1. SQL…