nuxt-tawk-to (>=1.0.0 <=2.0.0) potentially affected by CVE-2025-8349 via @tawk.to/tawk-messenger-vue-3 (=1.0.3)

@tawk.to/tawk-messenger-vue-3 NPM version =1.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on @tawk.to/tawk-messenger-vue-3 and may be impacted: - nuxt-tawk-to =1.0.0, =2.0.0 Source cves: CVE-2025-8349 Source advisory:...

CVE-2023-49175

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kreativo Pro KP Fastest Tawk.To Chat allows Stored XSS.This issue affects KP Fastest Tawk.To Chat: from n/a through 1.1.1...

PT-2023-31093 · Tawkto · Kreativo Pro Kp Fastest Tawk.To Chat

Name of the Vulnerable Software and Affected Versions: Kreativo Pro KP Fastest Tawk.To Chat versions 1.1.1 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting XSS. This means that an attacker ca...

WordPress plugin Tawk.To Live Chat 跨站请求伪造漏洞

WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on PHP and MySQL servers. WordPress Tawk.To Live Chat plugin in versions prior to 0.6.0 suffers from a cross-site request forgery...