18 matches found
WordPress Chatwee plugin cross-site request forgery vulnerability
WordPress Chatwee plugin is a plugin for adding live chat functionality to your WordPress website with multi-language and internationalization support. The WordPress Chatwee plugin suffers from a cross-site request forgery vulnerability that stems from the WEB application not adequately verifying...
EUVD-2025-31684
Malicious code in bioql PyPI...
EUVD-2025-8760
Malicious code in bioql PyPI...
CVE-2025-9948
The Chat by Chatwee plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.3. This is due to missing or incorrect nonce validation on the admin settings page. This makes it possible for unauthenticated attackers to modify plugin settings via a...
CVE-2025-9948
The Chat by Chatwee plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.3. This is due to missing or incorrect nonce validation on the admin settings page. This makes it possible for unauthenticated attackers to modify plugin settings via a...
CVE-2025-9948
The CVE-2025-9948 entry corresponds to the WordPress plugin Chat by Chatwee, vulnerable to Cross-Site Forgery (CSRF) on the admin settings page in all versions up to 2.1.3. The root cause is missing or incorrect nonce validation, allowing unauthenticated attackers to modify plugin settings by tri...
CVE-2025-9948 Chat by Chatwee <= 2.1.3 - Cross-Site Request Forgery to Settings Update
The Chat by Chatwee plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.3. This is due to missing or incorrect nonce validation on the admin settings page. This makes it possible for unauthenticated attackers to modify plugin settings via a...
CVE-2025-9948 Chat by Chatwee <= 2.1.3 - Cross-Site Request Forgery to Settings Update
The Chat by Chatwee plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.3. This is due to missing or incorrect nonce validation on the admin settings page. This makes it possible for unauthenticated attackers to modify plugin settings via a...
WordPress plugin Chatwee 跨站请求伪造漏洞
WordPress Chatwee plugin is a plugin for adding live chat functionality to your WordPress website with multi-language and internationalization support. The WordPress Chatwee plugin suffers from a cross-site request forgery vulnerability that stems from the WEB application not adequately verifying...
PT-2025-39950
Name of the Vulnerable Software and Affected Versions Chat by Chatwee plugin for WordPress versions through 2.1.3 Description The Chat by Chatwee plugin for WordPress is susceptible to Cross-Site Request Forgery CSRF. This is a result of inadequate or missing nonce validation on the admin setting...
WordPress Chat by Chatwee plugin <= 2.1.3 - Cross-Site Request Forgery to Settings Update vulnerability
Cross-Site Request Forgery to Settings Update vulnerability discovered by Nabil Irawan in WordPress Plugin Chat by Chatwee versions = 2.1.3...
CVE-2025-31596
Missing Authorization vulnerability in Chatwee Chat by Chatwee chatwee allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chat by Chatwee: from n/a through = 2.1.3...
WordPress Chat by Chatwee plugin <= 2.1.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Mika in WordPress Plugin Chat by Chatwee versions = 2.1.3...
CVE-2025-31596
Missing Authorization vulnerability in Chatwee Chat by Chatwee chatwee allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chat by Chatwee: from n/a through = 2.1.3...
CVE-2025-31596 WordPress Chat by Chatwee plugin <= 2.1.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Chatwee Chat by Chatwee chatwee allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chat by Chatwee: from n/a through = 2.1.3...
CVE-2025-31596
Technical details for CVE-2025-31596 are not publicly provided in the supplied documents. No product/version/root-cause/impact information is available here. Monitor for updates and new disclosures.
CVE-2025-31596 WordPress Chat by Chatwee plugin <= 2.1.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Chatwee Chat by Chatwee chatwee allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chat by Chatwee: from n/a through = 2.1.3...
WordPress plugin Chat by Chatwee 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exis...