7 matches found
CVE-2024-1761
The WP Chat App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget/block in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping on user supplied attributes such as 'buttonColor' and 'phoneNumber'. This makes it...
WordPress WP Chat App plugin < 3.6.4 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin WP Chat App versions < 3.6.4...
WordPress Form to Chat App plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by NGÔ THIÊN AN Patchstack Alliance in WordPress Plugin Form to Chat App versions <= 1.1.6...
WordPress WP Chat App plugin <= 3.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block Image Attribute vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting via Block Image Attribute vulnerability discovered by Ngô Thiên An ancorn in WordPress Plugin WP Chat App versions <= 3.6.2...
WordPress WP Chat App Plugin <= 3.6.1 is vulnerable to Cross Site Scripting (XSS)
Software: WP Chat App; Type: Plugin; Vulnerable versions: <= 3.6.1; Fixed in: 3.6.2; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-1761; Patch priority: Low; CVSS severity: Low (6.5); PSID: b848bc725213; Credits: Ngô Thiên An ancorn; Required...
PT-2024-18283 · WordPress · Wp Chat App
Name of the Vulnerable Software and Affected Versions: WP Chat App plugin for WordPress versions up to, and including, 3.6.1
Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes such as buttonColor and phoneNumber. This allows...
CVE-2023-51370 WordPress WP Chat App Plugin <= 3.4.4 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NinjaTeam WP Chat App allows Stored XSS. This issue affects WP Chat App: from n/a through 3.4.4...