Lucene search
K

89 matches found

OpenVAS
OpenVAS
added 2022/12/06 12:0 a.m.11 views

WordPress Chaty Plugin < 3.0.3 SQLi Vulnerability

The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

7.2CVSS7.1AI score0.00992EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2022/12/05 4:50 p.m.7 views

CVE-2022-3858 Chaty < 3.0.3 - Admin+ SQLi

The Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line, WeChat, Email, SMS, Call Button WordPress plugin before 3.0.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin...

7.4AI score0.00992EPSS
Exploits2References1
CNNVD
CNNVD
added 2022/12/05 12:0 a.m.4 views

WordPress plugin Chaty SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exist...

7.2CVSS7.2AI score0.00992EPSS
Exploits2References2
WPVulnDB
WPVulnDB
added 2022/11/14 12:0 a.m.14 views

Chaty < 3.0.3 - Admin+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin. PoC...

7.2CVSS0.8AI score0.00992EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2022/11/14 12:0 a.m.322 views

Chaty < 3.0.3 - Admin+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin...

7.2CVSS1.4AI score0.00992EPSS
Exploits2
OpenVAS
OpenVAS
added 2022/06/20 12:0 a.m.11 views

WordPress Chaty Pro Plugin < 2.8.2 XSS Vulnerability

The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

6.1CVSS6.3AI score0.01798EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2022/06/20 12:0 a.m.15 views

WordPress Chaty Plugin < 2.8.4 XSS Vulnerability

The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

6.1CVSS6.3AI score0.01798EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2022/05/11 12:0 a.m.10 views

WordPress Premio Chaty Plugin < 2.8.4 XSS Vulnerability

The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

4.8CVSS5.3AI score0.00576EPSS
Exploits0References1
CNVD
CNVD
added 2022/04/13 12:0 a.m.16 views

WordPress Prize Chaty plugin跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress Premio Chaty plugin 2.8.3 and earlier versions contain a cross-site scripting vulnerability that can be exploited by an...

0.8AI score
Exploits0Affected Software1
NVD
NVD
added 2022/04/11 8:15 p.m.24 views

CVE-2021-36846

Authenticated admin or higher user role Stored Cross-Site Scripting XSS vulnerability in Premio Chaty WordPress plugin = 2.8.3...

4.8CVSS0.00576EPSS
Exploits0References2
OSV
OSV
added 2022/04/11 8:15 p.m.3 views

CVE-2021-36846

Authenticated admin or higher user role Stored Cross-Site Scripting XSS vulnerability in Premio Chaty WordPress plugin = 2.8.3...

4.8CVSS5.8AI score0.00576EPSS
Exploits0References2
Prion
Prion
added 2022/04/11 8:15 p.m.19 views

Cross site scripting

Authenticated admin or higher user role Stored Cross-Site Scripting XSS vulnerability in Premio Chaty WordPress plugin = 2.8.3...

3.5CVSS4.9AI score0.00576EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/04/11 7:37 p.m.80 views

CVE-2021-36846

CVE-2021-36846 affects the WordPress Premio Chaty plugin; authenticated users (admin+) can store XSS in plugin settings. Public details cite versions &lt;= 2.8.3 (and OpenVAS reference to

4.8CVSS4.8AI score0.00576EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/04/11 7:37 p.m.9 views

CVE-2021-36846 WordPress Chaty plugin <= 2.8.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated admin or higher user role Stored Cross-Site Scripting XSS vulnerability in Premio Chaty WordPress plugin = 2.8.3...

4.8CVSS4.8AI score0.00576EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/04/11 7:37 p.m.30 views

CVE-2021-36846 WordPress Chaty plugin <= 2.8.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated admin or higher user role Stored Cross-Site Scripting XSS vulnerability in Premio Chaty WordPress plugin = 2.8.3...

4.8CVSS5.1AI score0.00576EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/04/11 12:0 a.m.5 views

WordPress plugin Premio Chaty跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. A security vulnerability exists in the WordPress plug...

4.8CVSS5.1AI score0.00576EPSS
Exploits0References3
Patchstack
Patchstack
added 2022/04/08 12:0 a.m.28 views

WordPress Chaty plugin <= 2.8.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Asif Nawaz Minhas Patchstack Alliance in WordPress Chaty plugin versions = 2.8.3. Solution No patched version is available...

4.8CVSS2.8AI score0.00576EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2022/01/05 12:0 a.m.17 views

WordPress Chaty Cross-Site Scripting Vulnerability (CNVD-2022-03904)

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress Chaty versions prior to 2.8.3 and WordPress...

6.1CVSS5.8AI score0.01798EPSS
Exploits2References1
OSV
OSV
added 2022/01/03 1:15 p.m.4 views

CVE-2021-25016

The Chaty WordPress plugin before 2.8.3 and Chaty Pro WordPress plugin before 2.8.2 do not sanitise and escape the search parameter before outputting it back in the admin dashboard, leading to a Reflected Cross-Site Scripting...

6.1CVSS5.8AI score0.01798EPSS
Exploits2References1
Prion
Prion
added 2022/01/03 1:15 p.m.17 views

Cross site scripting

The Chaty WordPress plugin before 2.8.3 and Chaty Pro WordPress plugin before 2.8.2 do not sanitise and escape the search parameter before outputting it back in the admin dashboard, leading to a Reflected Cross-Site Scripting...

4.3CVSS6AI score0.01798EPSS
Exploits2References1Affected Software2
Rows per page
Query Builder