Polylang

Vulnerabilities 4Slug polylangLatest version 3.8.3WordPress.org →

Minimum safe version

3.7.4

Update to 3.7.4 or later to address 4 fixable vulnerabilities

Latest available3.8.3 ✓

High 8.8

2025-10-31< 3.7.4

CVE-2025-64353

N/A

< 2.5.1

Polylang <= 2.5 - CSRF in categories and media duplication

N/A

2019-01-16< 2.5.1

Polylang <= 2.5 - Cross-Site Request Forgery

N/A

2014-08-01< 1.5.2

Polylang <= 1.5.1 - Cross-Site Scripting