Lucene search
K

55 matches found

EUVD
EUVD
added 2026/03/12 3:30 p.m.6 views

EUVD-2026-11571

The Simple Ajax Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'c' parameter in versions up to, and including, 20260217 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...

6.1CVSS5.9AI score0.00172EPSS
Exploits0References3
NVD
NVD
added 2026/03/12 1:16 p.m.4 views

CVE-2026-2987

The Simple Ajax Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'c' parameter in versions up to, and including, 20260217 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...

6.1CVSS0.00172EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/12 12:26 p.m.24 views

CVE-2026-2987 Simple Ajax Chat <= 20260217 - Unauthenticated Stored Cross-Site Scripting via 'c'

The Simple Ajax Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'c' parameter in versions up to, and including, 20260217 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...

6.1CVSS0.00172EPSS
Exploits0References2
CVE
CVE
added 2026/03/12 12:26 p.m.18 views

CVE-2026-2987

The CVE-2026-2987 entry concerns the WordPress plugin Simple Ajax Chat. A Stored Cross-Site Scripting (Stored XSS) flaw exists via the c parameter in versions up to and including 20260217, caused by insufficient input sanitization and output escaping. This enables unauthenticated attackers to inj...

6.1CVSS5.9AI score0.00172EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/12 12:26 p.m.7 views

CVE-2026-2987 Simple Ajax Chat <= 20260217 - Unauthenticated Stored Cross-Site Scripting via 'c'

The Simple Ajax Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'c' parameter in versions up to, and including, 20260217 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...

6.1CVSS5.9AI score0.00172EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/03/12 8:45 a.m.6 views

WordPress Simple Ajax Chat plugin <= 20260217 - Unauthenticated Stored Cross-Site Scripting via 'c' vulnerability

Unauthenticated Stored Cross-Site Scripting via 'c' vulnerability discovered by Kazuma Matsumoto - GMO Cybersecurity by IERAE, Inc. in WordPress Plugin Simple Ajax Chat versions = 20260217...

6.1CVSS5.8AI score0.00172EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.7 views

WordPress plugin Simple Ajax Chat 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.1CVSS5.7AI score0.00172EPSS
Exploits0References2
CNVD
CNVD
added 2026/03/02 12:0 a.m.4 views

WordPress Plugin Simple Ajax Chat Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Simple Ajax Chat. The...

5.3CVSS5.6AI score0.00304EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/24 11:2 p.m.9 views

CVE-2026-3075

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Jeff Starr Simple Ajax Chat simple-ajax-chat allows Retrieve Embedded Sensitive Data.This issue affects Simple Ajax Chat: from n/a through = 20251121...

5.3CVSS5.4AI score0.00304EPSS
Exploits0References1
NVD
NVD
added 2026/02/23 9:19 p.m.8 views

CVE-2026-3075

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Jeff Starr Simple Ajax Chat simple-ajax-chat allows Retrieve Embedded Sensitive Data.This issue affects Simple Ajax Chat: from n/a through = 20251121...

5.3CVSS0.00304EPSS
Exploits0References1
CVE
CVE
added 2026/02/23 8:48 p.m.10 views

CVE-2026-3075

CVE-2026-3075 : WordPress plugin Simple Ajax Chat (simple-ajax-chat)

5.3CVSS5.4AI score0.00304EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/23 8:48 p.m.4 views

CVE-2026-3075 WordPress Simple Ajax Chat plugin <= 20251121 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Jeff Starr Simple Ajax Chat simple-ajax-chat allows Retrieve Embedded Sensitive Data.This issue affects Simple Ajax Chat: from n/a through = 20251121...

5.3CVSS5.9AI score0.00304EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/23 8:48 p.m.6 views

CVE-2026-3075

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Jeff Starr Simple Ajax Chat simple-ajax-chat allows Retrieve Embedded Sensitive Data.This issue affects Simple Ajax Chat: from n/a through = 20251121...

5.4AI score0.00304EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/23 12:0 a.m.7 views

PT-2026-21561

Name of the Vulnerable Software and Affected Versions Jeff Starr Simple Ajax Chat versions prior to 20251122 Description A flaw exists in Jeff Starr Simple Ajax Chat that allows retrieval of embedded sensitive data, potentially exposing sensitive system information to an unauthorized control...

5.2AI score0.00304EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/23 12:0 a.m.7 views

WordPress plugin Simple Ajax Chat 安全漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Simple Ajax Chat. The...

5.3CVSS5.7AI score0.00304EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/02/17 8:7 p.m.7 views

WordPress Simple Ajax Chat plugin <= 20251121 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Jakub Herman in WordPress Plugin Simple Ajax Chat versions = 20251121...

5.3CVSS5.3AI score0.00304EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/07 9:14 a.m.12 views

CVE-2024-2956

The Simple Ajax Chat – Add a Fast, Secure Chat Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 20231101 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wi...

4.4CVSS5.8AI score0.0033EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-30270

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00692EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-32338

Malicious code in bioql PyPI...

5.4CVSS5.1AI score0.00381EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:59 a.m.11 views

CVE-2024-1983

The Simple Ajax Chat WordPress plugin before 20240223 does not prevent visitors from using malicious Names when using the chat, which will be reflected unsanitized to other users...

7.1CVSS6.7AI score0.00452EPSS
Exploits2References1
Rows per page
Query Builder