Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

41 matches found

CNVD
CNVDadded 2026/03/17 12:0 a.m.0 views

WordPress Plugin Chaty Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin Chaty suffers from an information disclosure vulnerability that can be exploit...

7.5CVSS5.7AI score0.00046EPSS
Exploits0References1
CVE
CVEadded 2026/03/05 5:53 a.m.11 views

CVE-2026-27370

CVE-2026-27370 describes an information-disclosure flaw in WordPress Chaty plugin (versions up to and including 3.5.1). The issue is labeled as an insertion of sensitive information into sent data, enabling retrieval of embedded sensitive data. Affected product: Chaty (WordPress plugin). Underlyi...

7.5CVSS5.9AI score0.00046EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/03/05 5:53 a.m.0 views

CVE-2026-27370 WordPress Chaty plugin <= 3.5.1 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Premio Chaty chaty allows Retrieve Embedded Sensitive Data.This issue affects Chaty: from n/a through = 3.5.1...

7.5CVSS5.8AI score0.00046EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/03/05 5:53 a.m.27 views

CVE-2026-27370 WordPress Chaty plugin <= 3.5.1 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Premio Chaty chaty allows Retrieve Embedded Sensitive Data.This issue affects Chaty: from n/a through = 3.5.1...

7.5CVSS0.00046EPSS
Exploits0References1
Patchstack
Patchstackadded 2026/02/24 11:7 a.m.3 views

WordPress Chaty plugin <= 3.5.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by daroo in WordPress Plugin Chaty versions = 3.5.1...

7.5CVSS5.3AI score0.00046EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVEadded 2026/01/07 9:18 a.m.9 views

CVE-2025-1450

The Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button, WhatsApp – Chaty plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-hover’ parameter in all versions up to, and including, 3.3.5 due to insufficient input...

6.4CVSS5.8AI score0.00268EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-51857

Malicious code in bioql PyPI...

5.9CVSS6.4AI score0.00073EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 1:56 a.m.3 views

CVE-2023-25019

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Premio Chaty plugin = 3.0.9 versions...

7.1CVSS5.9AI score0.00088EPSS
Exploits0References1
NVD
NVDadded 2025/02/27 10:15 a.m.12 views

CVE-2025-1450

The Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button, WhatsApp – Chaty plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-hover’ parameter in all versions up to, and including, 3.3.5 due to insufficient input...

6.4CVSS0.00268EPSS
Exploits0References4
OSV
OSVadded 2025/02/27 10:15 a.m.1 views

CVE-2025-1450

The Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button, WhatsApp – Chaty plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-hover’ parameter in all versions up to, and including, 3.3.5 due to insufficient input...

5.4CVSS5.9AI score
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/02/27 9:21 a.m.8 views

CVE-2025-1450 Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button, WhatsApp – Chaty <= 3.3.5 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting

The Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button, WhatsApp – Chaty plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-hover’ parameter in all versions up to, and including, 3.3.5 due to insufficient input...

6.4CVSS5.8AI score0.00268EPSS
Exploits0References4
CVE
CVEadded 2025/02/27 9:21 a.m.164 views

CVE-2025-1450

CVE-2025-1450 affects the Floating Chat Widget: Chaty plugin for WordPress. It is a Stored XSS via the data-hover parameter in all versions up to 3.3.5. An authenticated attacker with Contributor-level access or higher can inject scripts that execute when users view the injected page. Connected s...

6.4CVSS5.7AI score0.00268EPSS
Exploits0References4Affected Software1
Patchstack
Patchstackadded 2024/06/13 9:45 a.m.3 views

WordPress Chaty plugin < 3.2.3 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Chaty versions 3.2.3...

6.1CVSS6.1AI score0.00186EPSS
Exploits2References1Affected Software1
Patchstack
Patchstackadded 2024/06/13 12:0 a.m.8 views

WordPress Chaty Plugin < 3.2.3 is vulnerable to Cross Site Scripting (XSS)

Software Chaty Type Plugin Vulnerable versions 3.2.3 Fixed in 3.2.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4149 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 77a371d206e3 Credits Krugov Artyom Required privilege...

6.1CVSS5.7AI score0.00186EPSS
Exploits2References4Affected Software1
Patchstack
Patchstackadded 2024/04/24 12:0 a.m.8 views

WordPress Chaty Plugin < 3.1.9 is vulnerable to Cross Site Scripting (XSS)

Software Chaty Type Plugin Vulnerable versions 3.1.9 Fixed in 3.1.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2972 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID de00cfe54026 Credits Dmitrii Ignatyev Required privilege...

5.7AI score0.00097EPSS
Exploits2References4Affected Software1
OSV
OSVadded 2023/11/22 8:15 p.m.0 views

CVE-2023-47759

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Premio Chaty plugin = 3.1.2 versions...

4.8CVSS7.3AI score
Exploits0References1
Prion
Prionadded 2023/11/22 8:15 p.m.8 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Premio Chaty plugin = 3.1.2 versions...

4.3CVSS7.1AI score0.00073EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2023/11/22 7:49 p.m.16 views

CVE-2023-47759 WordPress Chaty plugin <= 3.1.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Premio Chaty chaty allows DOM-Based XSS.This issue affects Chaty: from n/a through = 3.1.2...

5.9CVSS6AI score0.00073EPSS
Exploits0References1
CVE
CVEadded 2023/11/22 7:49 p.m.71 views

CVE-2023-47759

CVE-2023-47759 describes a Cross-Site Scripting (XSS) issue in the Premio Chaty WordPress plugin, affecting versions

5.9CVSS6.6AI score0.00073EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2023/11/22 7:49 p.m.9 views

CVE-2023-47759 WordPress Chaty plugin <= 3.1.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Premio Chaty chaty allows DOM-Based XSS.This issue affects Chaty: from n/a through = 3.1.2...

5.9CVSS6.6AI score0.00073EPSS
Exploits0References1
Rows per page
Query Builder