Vulnerability Database

Published: Sep 26, 2019
Updated: Nov 9, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2015-9416" target="_blank" rel="noopener"> CVE-2015-9416
Severity: Medium
Exploit:

299,751

Total vulnerabilities in the database

The sitepress-multilingual-cms (WPML) plugin 2.9.3 to 3.2.6 for WordPress has XSS via the Accept-Language HTTP header.

CVSS v3:

CVSS v2:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
onthegosystems / sitepress-multilingual-cms	2.9.3	3.2.6.x

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.