55 matches found
EUVD-2025-18334
Malicious code in bioql PyPI...
EUVD-2024-43347
Malicious code in bioql PyPI...
EUVD-2025-8529
Malicious code in bioql PyPI...
EUVD-2024-32417
Malicious code in bioql PyPI...
EUVD-2025-15759
Malicious code in bioql PyPI...
EUVD-2022-51824
Malicious code in bioql PyPI...
WordPress Click to Chat plugin <= 4.22 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via data-no_number Parameter vulnerability
Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via data-nonumber Parameter vulnerability discovered by Asaf Mozes in WordPress Plugin Click to Chat versions = 4.22...
CVE-2025-5336
The Click to Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-nonumber’ parameter in all versions up to, and including, 4.22 to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acces...
CVE-2025-5336 Click to Chat <= 4.22 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via data-no_number Parameter
The Click to Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-nonumber’ parameter in all versions up to, and including, 4.22 to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acces...
CVE-2025-5336
CVE-2025-5336 concerns WordPress plugin “Click to Chat” for HoliThemes. The vulnerability is a Stored DOM-based Cross-Site Scripting via the data-no_number parameter in versions up to 4.22, caused by insufficient input sanitization and output escaping. Exploitation requires authenticated access a...
WordPress plugin Click to Chat 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Click to Chat plugin, which stems from insufficient input cleanup and escaping, and can be exploited by an attacker ...
PT-2025-25474 · WordPress · Click To Chat
Name of the Vulnerable Software and Affected Versions: Click to Chat plugin for WordPress versions up to, and including, 4.22 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows authenticated attackers with...
CVE-2024-49281
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Ninja Team Click to Chat – WP Support All-in-One Floating Widget support-chat allows Stored XSS.This issue affects Click to Chat – WP Support All-in-One Floating Widget: from n/a through =...
CVE-2022-4480
The Click to Chat WordPress plugin before 3.18.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privile...
CVE-2025-39411
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in IndiePlugins WhatsApp Click to Chat Plugin for WordPress wpt-whatsapp.This issue affects WhatsApp Click to Chat Plugin for WordPress: from n/a through = 2.2.12...
CVE-2025-39411 WordPress WhatsApp Click to Chat Plugin for WordPress plugin <= 2.2.12 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in IndiePlugins WhatsApp Click to Chat Plugin for WordPress wpt-whatsapp.This issue affects WhatsApp Click to Chat Plugin for WordPress: from n/a through = 2.2.12...
WordPress plugin WhatsApp Click to Chat Plugin for WordPress 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-22079 · WordPress · Indie Plugins Whatsapp Click To Chat Plugin
Name of the Vulnerable Software and Affected Versions: Indie Plugins WhatsApp Click to Chat Plugin for WordPress versions n/a through 2.2.12 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion'...
CVE-2025-31092
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ninja Team Click to Chat – WP Support All-in-One Floating Widget support-chat allows Stored XSS.This issue affects Click to Chat – WP Support All-in-One Floating Widget: from n/a through = 2.3.4...
CVE-2025-31092
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ninja Team Click to Chat – WP Support All-in-One Floating Widget support-chat allows Stored XSS.This issue affects Click to Chat – WP Support All-in-One Floating Widget: from n/a through = 2.3.4...