CVE-2026-1921 | timwhitlock Loco Translate Plugin up to 2.8.2 on WordPress findSourceFile path traversal

A vulnerability, which was classified as critical, was found in timwhitlock Loco Translate Plugin up to 2.8.2 on WordPress. Affected by this issue is the function findSourceFile. Such manipulation leads to path traversal.

This vulnerability is documented as CVE-2026-1921. The attack can be executed remotely. There is not any exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More