On August 9th, community user @Cryptohaifeng_ posted on the X platform that there are security bugs in the "web page snapshot" function of the "immersive translation" plug-in. When generating and sharing translation snapshots, the data will be stored in publicly accessible cloud sites, and anti-crawlers are not deployed, or the content containing sensitive information such as wallet private keys and financing agreements will be leaked. Some users found that the leaked information involved ZhongAn International's participation in the A2 round of financing subscription agreement of Yuanbi Technology and other documents.
Previously, the product caused controversy by restricting users' use of cheap third-party APIs, forcing subscribers, and the founder's exposure of the addresses of other competing authors in the group.
The "Immersive Translation" plugin has a serious vulnerability that leaks user privacy, or leaks private keys
2025-08-09 10:11:58
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.
Previous article:
“沉浸式翻译”插件存在泄露用户隐私严重漏洞,或泄露私钥
