26 matches found
EUVD-2025-4723
Malicious code in bioql PyPI...
EUVD-2024-35432
Malicious code in bioql PyPI...
CVE-2024-3595
The Pure Chat – Live Chat Plugin & More! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the purechatwid and purechatwname parameter in all versions up to, and including, 2.22 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...
CVE-2024-13736
The Pure Chat – Live Chat & More! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘purechatWidgetName’ parameter in all versions up to, and including, 2.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
CVE-2024-13736
The Pure Chat – Live Chat & More! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘purechatWidgetName’ parameter in all versions up to, and including, 2.31 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
CVE-2024-13736
CVE-2024-13736 concerns the WordPress plugin Pure Chat – Live Chat & More! . Wordfence intelligence lists a Reflected Cross-Site Scripting vulnerability associated with the plugin via the purechatWidgetName parameter, affecting versions up to 2.4. The vulnerability is noted as patched in a subseq...
CVE-2024-13736 Pure Chat – Live Chat & More! <= 2.4 - Reflected Cross-Site Scripting via purechatWidgetName Parameter
The Pure Chat – Live Chat & More! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘purechatWidgetName’ parameter in all versions up to, and including, 2.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
CVE-2024-13736 Pure Chat – Live Chat & More! <= 2.4 - Reflected Cross-Site Scripting via purechatWidgetName Parameter
The Pure Chat – Live Chat & More! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘purechatWidgetName’ parameter in all versions up to, and including, 2.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
WordPress plugin Pure Chat – Live Chat & More! 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...
WordPress Pure Chat – Live Chat & More! plugin <= 2.4 - Reflected Cross-Site Scripting via purechatWidgetName Parameter vulnerability
Reflected Cross-Site Scripting via purechatWidgetName Parameter vulnerability discovered by Rein Daelman trein in WordPress Plugin Pure Chat versions = 2.4...
Pure Chat – Live Chat Plugin & More! < 2.23 - Cross-Site Request Forgery
Description The Pure Chat plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.22. This is due to missing or incorrect nonce validation on the purechatupdate function. This makes it possible for unauthenticated attackers to update chat details v...
CVE-2024-35673
Cross-Site Request Forgery CSRF vulnerability in Pure Chat by Ruby Pure Chat.This issue affects Pure Chat: from n/a through 2.22...
CVE-2024-35673
Cross-Site Request Forgery CSRF vulnerability in Pure Chat by Ruby Pure Chat.This issue affects Pure Chat: from n/a through 2.22...
CVE-2024-35673
CVE-2024-35673 describes a Cross-Site Request Forgery (CSRF) vulnerability in the Pure Chat – Live Chat & More! WordPress plugin, affecting version range up to 2.22. The vulnerability is categorized as a CSRF issue with a Medium risk (CVSS v3.1 score 4.3 in NVD metrics). The connected documents i...
CVE-2024-35673 WordPress Pure Chat plugin <= 2.22 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Pure Chat by Ruby Pure Chat.This issue affects Pure Chat: from n/a through 2.22...
CVE-2024-35673 WordPress Pure Chat plugin <= 2.22 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Pure Chat by Ruby Pure Chat.This issue affects Pure Chat: from n/a through 2.22...
WordPress Pure Chat plugin <= 2.22 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin Pure Chat versions = 2.22...
WordPress Pure Chat Plugin <= 2.22 is vulnerable to Cross Site Request Forgery (CSRF)
Software Pure Chat Type Plugin Vulnerable versions = 2.22 Fixed in 2.3 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-35673 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 0d07c2ba182d Credits Majed Refaea Required...
CVE-2024-3595
The Pure Chat – Live Chat Plugin & More! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the purechatwid and purechatwname parameter in all versions up to, and including, 2.22 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...
WordPress plugin Pure Chat 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...