CVE-2023-51371 WordPress Bit Assist Plugin <= 1.1.9 is vulnerable to Cross Site Scripting (XSS)

🗓️ 29 Dec 2023 10:58:40Reported by PatchstackType

WordPress Bit Assist Plugin Vulnerable to XS

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2023-51371	29 Dec 202312:26	–	circl
CNNVD	WordPress Plugin Chat WidgetCustomer Support Button with floating Chat Widget Cross-site Scripting Vulnerability	29 Dec 202300:00	–	cnnvd
CVE	CVE-2023-51371	29 Dec 202310:58	–	cve
EUVD	EUVD-2023-56092	3 Oct 202520:07	–	euvd
NVD	CVE-2023-51371	29 Dec 202311:15	–	nvd
OSV	CVE-2023-51371	29 Dec 202311:15	–	osv
Patchstack	WordPress Bit Assist Plugin <= 1.1.9 is vulnerable to Cross Site Scripting (XSS)	26 Dec 202300:00	–	patchstack
Prion	Cross site scripting	29 Dec 202311:15	–	prion
Positive Technologies	PT-2023-31794 · Unknown · Bit Assist Chat Widget	29 Dec 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-51371	23 May 202502:09	–	redhatcve

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "bit-assist",
    "product": "Chat Widget: WhatsApp Chat, Facebook Messenger Chat, Telegram Chat Bubble, Line Messenger, Live Chat Support Chat Button, WeChat, SMS, Call Button, Customer Support Button with floating Chat Widget",
    "vendor": "Bit Assist",
    "versions": [
      {
        "changes": [
          {
            "at": "1.2",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "1.1.9",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/bit-assist/wordpress-chat-button-plugin-1-1-9-cross-site-scripting-xss-vulnerability

28 Apr 2026 16:09Current

5.9Medium risk

Vulners AI Score5.9

CVSS 3.15.9

EPSS0.00122

CWE-79