10 matches found
CVE-2025-12448
The Smartsupp – live chat, AI shopping assistant and chatbots plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'code' parameter in all versions up to, and including, 3.9.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-12448
The Smartsupp – live chat, AI shopping assistant and chatbots plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'code' parameter in all versions up to, and including, 3.9.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-12448 Smartsupp – live chat, AI shopping assistant and chatbots <= 3.9.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting
The Smartsupp – live chat, AI shopping assistant and chatbots plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'code' parameter in all versions up to, and including, 3.9.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-12448
Smartsupp – live chat, AI shopping assistant and chatbots for WordPress (plugin) is vulnerable up to version 3.9.1 to a Stored Cross-Site Scripting via the 'code' parameter due to insufficient input sanitization and output escaping. The vulnerability allows authenticated attackers with Subscriber...
WordPress plugin Smartsupp – live chat, AI shopping assistant and chatbots 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-20582
Name of the Vulnerable Software and Affected Versions Smartsupp – live chat, AI shopping assistant and chatbots versions prior to 3.9.2 Description The Smartsupp – live chat, AI shopping assistant and chatbots plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to...
CVE-2024-38790 WordPress Smartsupp plugin <= 3.6 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Smartsupp Smartsupp – live chat, chatbots, AI and lead generation smartsupp-live-chat allows Cross Site Request Forgery.This issue affects Smartsupp – live chat, chatbots, AI and lead generation: from n/a through = 3.6...
CVE-2024-38790 WordPress Smartsupp plugin <= 3.6 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Smartsupp Smartsupp – live chat, chatbots, AI and lead generation allows Cross Site Request Forgery.This issue affects Smartsupp – live chat, chatbots, AI and lead generation: from n/a through 3.6...
WordPress plugin Smartsupp 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...
WordPress Smartsupp plugin <= 3.6 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Smartsupp – live chat, chatbots, AI and lead generation versions = 3.6...