PT-2025-38976

Name of the Vulnerable Software and Affected Versions Casengo versions through 2.1.4 Description A Cross-Site Request Forgery CSRF issue exists in Casengo Live Chat Support, which also allows Stored Cross-Site Scripting XSS. The issue allows for potential malicious actions to be performed on beha...

CVE-2024-13612

The Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bettermessageslivechatbutton' shortcode in all versions up to, and including, 2.6.9 due to insufficient input...

CVE-2023-33257

Verint Engagement Management 15.3 Update 2023R2 is vulnerable to HTML injection via the user data form in the live chat...

CVE-2025-32624 WordPress Czater.pl – live chat i telefon plugin <= 1.0.5 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Missing Authorization vulnerability in czater Czater.pl – live chat i telefon czater allows Cross Site Request Forgery.This issue affects Czater.pl – live chat i telefon: from n/a through = 1.0.5...

PT-2023-24250 · Verint · Verint Engagement Management

Name of the Vulnerable Software and Affected Versions: Verint Engagement Management version 15.3 Update 2023R2 Description: The issue concerns HTML injection via the user data form in the live chat. This allows for potential malicious code injection. Recommendations: For Verint Engagement...