CVE-2025-30632: 
WordPress vulnerability analysis and mitigation

Cross-Site Request Forgery (CSRF) vulnerability affects pozzad Global Translator WordPress plugin versions through 2.0.2. The vulnerability was discovered by Nabil Irawan and was disclosed on June 6, 2025. The issue has been assigned CVE-2025-30632 and received a CVSS v3.1 base score of 5.4 (Medium) (NVD, Patchstack).

The vulnerability is classified as CWE-352 (Cross-Site Request Forgery) and has been assigned a CVSS v3.1 vector string of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L. The vulnerability requires no privileges (unauthenticated) to exploit, though it does require user interaction. The attack vector is network-accessible, with low attack complexity (NVD, Patchstack).

This vulnerability could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. The CVSS scoring indicates low impact on both integrity and availability, with no direct impact on confidentiality (Patchstack).

Currently, there is no official fix available for this vulnerability. The issue affects versions up to and including 2.0.2 of the Global Translator plugin (Patchstack).