114 matches found
WP Live Chat Support <= 8.0.27 — Stored Cross-Site Scripting
wp-live-chat-support plugin before 8.0.27 for WordPress contains a reflected cross-site scripting caused by insufficient sanitization in the GDPR page, letting attackers execute arbitrary scripts in the context of the victim's browser, exploit requires victim to visit a malicious page. id:...
CVE-2026-8681
The Essential Chat Support plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.0.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to reset all...
CVE-2026-8681
The Essential Chat Support plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.0.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to reset all...
CVE-2026-8681
CVE-2026-8681 affects the WordPress plugin “Essential Chat Support” up to version 1.0.1. The issue is an authorization bypass where unauthenticated attackers can reset all plugin settings by sending a POST request with ecs_reset_settings=1, potentially affecting general settings, display rules, c...
CVE-2026-8681 Essential Chat Support <= 1.0.1 - Missing Authorization to Unauthenticated Settings Reset via 'ecs_reset_settings' Parameter
The Essential Chat Support plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.0.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to reset all...
CVE-2026-8681 Essential Chat Support <= 1.0.1 - Missing Authorization to Unauthenticated Settings Reset via 'ecs_reset_settings' Parameter
The Essential Chat Support plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.0.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to reset all...
EUVD-2026-30669
The Essential Chat Support plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.0.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to reset all...
WordPress plugin Essential Chat Support 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress Essential Chat Support plugin <= 1.0.1 - Missing Authorization to Unauthenticated Settings Reset vulnerability
Missing Authorization to Unauthenticated Settings Reset vulnerability discovered by Legion Hunter in WordPress Plugin Essential Chat Support versions = 1.0.1...
CVE-2019-11185
The WP Live Chat Support Pro plugin through 8.0.26 for WordPress contains an arbitrary file upload vulnerability. This results from an incomplete patch for CVE-2018-12426. Arbitrary file upload is achieved by using a non-blacklisted executable file extension in conjunction with a whitelisted file...
WordPress Better Chat Support for Messenger plugin missing license vulnerability
WordPress Better Chat Support for Messenger plugin is a live chat feature for WordPress websites that supports FacebookMessenger integration, allowing users to communicate with visitors instantly through a chat window. The WordPress Better Chat Support for Messenger plugin suffers from a missing...
CVE-2025-66113
Missing Authorization vulnerability in ThemeAtelier Better Chat Support for Messenger better-chat-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Better Chat Support for Messenger: from n/a through = 1.2.18...
EUVD-2025-198441
Missing Authorization vulnerability in ThemeAtelier Better Chat Support for Messenger better-chat-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Better Chat Support for Messenger: from n/a through = 1.2.18...
CVE-2025-66113 WordPress Better Chat Support for Messenger plugin <= 1.2.18 - Broken Access Control vulnerability
Missing Authorization vulnerability in ThemeAtelier Better Chat Support for Messenger better-chat-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Better Chat Support for Messenger: from n/a through = 1.2.18...
CVE-2025-66113 WordPress Better Chat Support for Messenger plugin <= 1.2.18 - Broken Access Control vulnerability
Missing Authorization vulnerability in ThemeAtelier Better Chat Support for Messenger better-chat-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Better Chat Support for Messenger: from n/a through = 1.2.18...
CVE-2025-66113
CVE-2025-66113 affects the WordPress plugin Better Chat Support for Messenger (ThemeAtelier) up to version 1.2.18, describing a Missing Authorization / Broken Access Control vulnerability. Connected sources (Wordfence intelligence report and PatchStack) confirm the issue and indicate a patch has ...
WordPress plugin Better Chat Support for Messenger 安全漏洞
WordPress Better Chat Support for Messenger plugin is a live chat feature for WordPress websites that supports FacebookMessenger integration, allowing users to communicate with visitors instantly through a chat window. The WordPress Better Chat Support for Messenger plugin suffers from a missing...
PT-2025-47775
Missing Authorization vulnerability in ThemeAtelier Better Chat Support for Messenger better-chat-support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Better Chat Support for Messenger: from n/a through = 1.2.18...
EUVD-2016-1873
Malware in sbrugna...
EUVD-2018-21456
Malware in sbrugna...