55 matches found
EUVD-2026-11571
The Simple Ajax Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'c' parameter in versions up to, and including, 20260217 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...
CVE-2026-2987
The Simple Ajax Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'c' parameter in versions up to, and including, 20260217 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...
CVE-2026-2987 Simple Ajax Chat <= 20260217 - Unauthenticated Stored Cross-Site Scripting via 'c'
The Simple Ajax Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'c' parameter in versions up to, and including, 20260217 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...
CVE-2026-2987
The CVE-2026-2987 entry concerns the WordPress plugin Simple Ajax Chat. A Stored Cross-Site Scripting (Stored XSS) flaw exists via the c parameter in versions up to and including 20260217, caused by insufficient input sanitization and output escaping. This enables unauthenticated attackers to inj...
CVE-2026-2987 Simple Ajax Chat <= 20260217 - Unauthenticated Stored Cross-Site Scripting via 'c'
The Simple Ajax Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'c' parameter in versions up to, and including, 20260217 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...
WordPress Simple Ajax Chat plugin <= 20260217 - Unauthenticated Stored Cross-Site Scripting via 'c' vulnerability
Unauthenticated Stored Cross-Site Scripting via 'c' vulnerability discovered by Kazuma Matsumoto - GMO Cybersecurity by IERAE, Inc. in WordPress Plugin Simple Ajax Chat versions = 20260217...
WordPress plugin Simple Ajax Chat 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress Plugin Simple Ajax Chat Information Disclosure Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Simple Ajax Chat. The...
CVE-2026-3075
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Jeff Starr Simple Ajax Chat simple-ajax-chat allows Retrieve Embedded Sensitive Data.This issue affects Simple Ajax Chat: from n/a through = 20251121...
CVE-2026-3075
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Jeff Starr Simple Ajax Chat simple-ajax-chat allows Retrieve Embedded Sensitive Data.This issue affects Simple Ajax Chat: from n/a through = 20251121...
CVE-2026-3075
CVE-2026-3075 : WordPress plugin Simple Ajax Chat (simple-ajax-chat)
CVE-2026-3075 WordPress Simple Ajax Chat plugin <= 20251121 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Jeff Starr Simple Ajax Chat simple-ajax-chat allows Retrieve Embedded Sensitive Data.This issue affects Simple Ajax Chat: from n/a through = 20251121...
CVE-2026-3075
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Jeff Starr Simple Ajax Chat simple-ajax-chat allows Retrieve Embedded Sensitive Data.This issue affects Simple Ajax Chat: from n/a through = 20251121...
PT-2026-21561
Name of the Vulnerable Software and Affected Versions Jeff Starr Simple Ajax Chat versions prior to 20251122 Description A flaw exists in Jeff Starr Simple Ajax Chat that allows retrieval of embedded sensitive data, potentially exposing sensitive system information to an unauthorized control...
WordPress plugin Simple Ajax Chat 安全漏洞
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Simple Ajax Chat. The...
WordPress Simple Ajax Chat plugin <= 20251121 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Jakub Herman in WordPress Plugin Simple Ajax Chat versions = 20251121...
CVE-2024-2956
The Simple Ajax Chat – Add a Fast, Secure Chat Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 20231101 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wi...
EUVD-2022-30270
Malicious code in bioql PyPI...
EUVD-2022-32338
Malicious code in bioql PyPI...
CVE-2024-1983
The Simple Ajax Chat WordPress plugin before 20240223 does not prevent visitors from using malicious Names when using the chat, which will be reflected unsanitized to other users...