15 matches found
CVE-2026-15106
The WPBot – AI ChatBot for Live Support, Lead Generation, AI Services plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 8.5.6. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...
CVE-2026-15106
The WPBot – AI ChatBot for Live Support WordPress plugin is vulnerable to an authorization bypass in all versions up to 8.5.6. The issue allows unauthenticated attackers to delete arbitrary chat session records from wpbot_user andwpbot_conversation by supplying a crafted userid value, indicating ...
CVE-2026-15106 WPBot <= 8.5.6 - Missing Authorization to Unauthenticated Arbitrary Chat Session Deletion via 'userid' Parameter
The WPBot – AI ChatBot for Live Support, Lead Generation, AI Services plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 8.5.6. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...
EUVD-2026-44892
The WPBot – AI ChatBot for Live Support, Lead Generation, AI Services plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 8.5.6. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...
CVE-2026-41354
OpenClaw before 2026.4.2 contains an insufficient scope vulnerability in Zalo webhook replay dedupe keys that allows legitimate events from different conversations or senders to collide. Attackers can exploit weak deduplication scoping to cause silent message suppression and disrupt bot workflows...
PT-2026-34785
OpenClaw before 2026.4.2 contains an insufficient scope vulnerability in Zalo webhook replay dedupe keys that allows legitimate events from different conversations or senders to collide. Attackers can exploit weak deduplication scoping to cause silent message suppression and disrupt bot workflows...
EUVD-2019-10434
Malware in sbrugna...
EUVD-2018-10535
Malware in sbrugna...
PT-2023-9667 · Cisco · Cisco Unified Contact Center Enterprise +1
Name of the Vulnerable Software and Affected Versions: Cisco Enterprise Chat and Email ECE affected versions not specified Description: A vulnerability in the External Agent Assignment Service EAAS feature could allow an unauthenticated, remote attacker to cause a denial of service DoS condition ...
Authentication Bypass
onionsharecli is vulnerable to authentication bypass. The vulnerability exists in chatmode.py because the chat sessions are not handled with proper validations which allows an attacker to access the chat environment, impersonate existing chat participants and write messages...
Improper access control
A vulnerability in the web conference chat component of MiCollab, versions 7.3 PR6 7.3.0.601 and earlier, and 8.0 8.0.0.40 through 8.0 SP2 FP2 8.0.2.202, and MiVoice Business Express versions 7.3 PR3 7.3.1.302 and earlier, and 8.0 8.0.0.40 through 8.0 SP2 FP1 8.0.2.202, could allow creation of...
CVE-2018-18819
A vulnerability in the web conference chat component of MiCollab, versions 7.3 PR6 7.3.0.601 and earlier, and 8.0 8.0.0.40 through 8.0 SP2 FP2 8.0.2.202, and MiVoice Business Express versions 7.3 PR3 7.3.1.302 and earlier, and 8.0 8.0.0.40 through 8.0 SP2 FP1 8.0.2.202, could allow creation of...
CVE-2018-18819
CVE-2018-18819 affects MiCollab web conference chat component and MiVoice Business Express: MiCollab versions 7.3 PR6 (7.3.0.601) and earlier, and 8.0 (8.0.0.40) through 8.0 SP2 FP2 (8.0.2.202); MiVoice Business Express versions 7.3 PR3 (7.3.1.302) and earlier, and 8.0 (8.0.0.40) through 8.0 SP2 ...
Crafty Syntax Live Help 2.7.3 - Multiple HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/10463/info CSLH is prone to multiple HTML injection vulnerabilities. These issues exist due to insufficient sanitization of user-supplied data. The problem presents itself in various modules of the application and can all...
CVE-2014-0890
The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, 8.5.2.1, 9.0, and 9.0.0.1, when a certain com.ibm.collaboration.realtime.telephony..level setting is used, logs cleartext passwords during Audio/Video chat sessions, which allows local users to obtain sensitive information by...