EUVD-2025-4723

Malicious code in bioql PyPI...

CVE-2024-3595

The Pure Chat – Live Chat Plugin & More! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the purechatwid and purechatwname parameter in all versions up to, and including, 2.22 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...

CVE-2024-13736

The Pure Chat – Live Chat & More! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘purechatWidgetName’ parameter in all versions up to, and including, 2.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

CVE-2024-13736

The Pure Chat – Live Chat & More! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘purechatWidgetName’ parameter in all versions up to, and including, 2.31 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

CVE-2024-13736 Pure Chat – Live Chat & More! <= 2.4 - Reflected Cross-Site Scripting via purechatWidgetName Parameter

The Pure Chat – Live Chat & More! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘purechatWidgetName’ parameter in all versions up to, and including, 2.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

WordPress Pure Chat plugin <= 2.22 - Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability

Authenticated Subscriber+ Stored Cross-Site Scripting vulnerability discovered by Lucio Sá in WordPress Plugin Pure Chat versions = 2.22...

PT-2024-26799 · WordPress · Pure Chat – Live Chat Plugin & More!

Name of the Vulnerable Software and Affected Versions: The Pure Chat – Live Chat Plugin & More! plugin for WordPress versions up to, and including, 2.22 Description: The issue arises from insufficient input sanitization and output escaping, allowing authenticated attackers with subscriber access ...