CVE-2026-8420

The BLOGCHAT Chat System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.6.3. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious...

EUVD-2026-31028

The BLOGCHAT Chat System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.6.3. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious...

CVE-2026-8420

The BLOGCHAT Chat System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.6.3. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious...

PT-2026-42078

Name of the Vulnerable Software and Affected Versions BLOGCHAT Chat System versions prior to 1.3.6.4 Description The BLOGCHAT Chat System plugin for WordPress contains a Cross-Site Request Forgery CSRF flaw. This occurs due to missing or incorrect nonce validation—a security token used to ensure...

WordPress BLOGCHAT Chat System plugin <= 1.3.6.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin BLOGCHAT Chat System versions = 1.3.6.3...

CVE-2024-11400

The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the reallycurrtax parameter in all versions up to, and including, 1.3.6.3 due to insufficient input sanitization and output escaping. This makes it possible for...

WordPress plugin HUSKY – Products Filter for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

WordPress HUSKY Plugin <= 1.3.6.3 is vulnerable to Cross Site Scripting (XSS)

Software HUSKY Type Plugin Vulnerable versions = 1.3.6.3 Fixed in 1.3.6.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11400 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID db9ff0ff3180 Credits Daniel Scheidt Required...