Malicious code in botframework-webchat-base (npm)

The package botframework-webchat-base was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

MAL-2025-16007 Malicious code in botframework-webchat-react-valibot (npm)

The package botframework-webchat-react-valibot was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

MAL-2025-16008 Malicious code in botframework-webchat-styles (npm)

The package botframework-webchat-styles was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

MAL-2025-16006 Malicious code in botframework-webchat-base (npm)

The package botframework-webchat-base was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

Malicious code in twilio-webchat-widget (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5ab5419528c85b4b675bfd8bd45c7d107e151b10606f24a8ef7c9b9192dd6f14 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5587 Malicious code in twilio-webchat-widget (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5ab5419528c85b4b675bfd8bd45c7d107e151b10606f24a8ef7c9b9192dd6f14 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2002-2391

SQL injection vulnerability in index.php of WebChat 1.5 included in XOOPS 1.0 allows remote attackers to execute arbitrary SQL commands via the roomid parameter...

CVE-2025-3058

The Xelion Webchat plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the xwcsavesettings function in all versions up to, and including, 9.1.0. This makes it possible for authenticated attackers, with...

CVE-2025-39542

Incorrect Privilege Assignment vulnerability in Jauhari Xelion Xelion Webchat xelion-webchat allows Privilege Escalation.This issue affects Xelion Webchat: from n/a through = 9.1.0...

CVE-2025-3058

The Xelion Webchat plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the xwcsavesettings function in all versions up to, and including, 9.1.0. This makes it possible for authenticated attackers, with...

CVE-2025-3058 Xelion Webchat <= 9.1.0 - Authenticated (Subscriber+) Arbitrary Options Update

The Xelion Webchat plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the xwcsavesettings function in all versions up to, and including, 9.1.0. This makes it possible for authenticated attackers, with...

CVE-2025-3058 Xelion Webchat <= 9.1.0 - Authenticated (Subscriber+) Arbitrary Options Update

The Xelion Webchat plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the xwcsavesettings function in all versions up to, and including, 9.1.0. This makes it possible for authenticated attackers, with...

CVE-2025-3058

CVE-2025-3058 (Xelion Webchat, WordPress) affects the Xelion Webchat plugin for WordPress, up to and including version 9.1.0. The flaw is a missing capability check in the xwc_save_settings() function, enabling an authenticated attacker with Subscriber+ privileges to update arbitrary options. Doc...

WordPress plugin Xelion Webchat 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

PT-2025-17711 · WordPress · Xelion Webchat

Name of the Vulnerable Software and Affected Versions: Xelion Webchat plugin for WordPress versions up to and including 9.1.0 Description: The Xelion Webchat plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability...

CVE-2025-39542

Incorrect Privilege Assignment vulnerability in Jauhari Xelion Xelion Webchat xelion-webchat allows Privilege Escalation.This issue affects Xelion Webchat: from n/a through = 9.1.0...

CVE-2025-39542

CVE-2025-39542: In Xelion Webchat (WordPress plugin Xelion Webchat), an Incorrect Privilege Assignment flaw allows Privilege Escalation for versions n/a through 9.1.0. The issue is categorized with CVSS 3.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) for a base score of 8.8 (HIGH); exploitation would r...

CVE-2025-39542 WordPress Xelion Webchat plugin <= 9.1.0 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in Jauhari Xelion Xelion Webchat xelion-webchat allows Privilege Escalation.This issue affects Xelion Webchat: from n/a through = 9.1.0...

CVE-2025-39542 WordPress Xelion Webchat plugin <= 9.1.0 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in Jauhari Xelion Xelion Webchat xelion-webchat allows Privilege Escalation.This issue affects Xelion Webchat: from n/a through = 9.1.0...

PT-2025-17177 · Unknown · Xelion Webchat

Name of the Vulnerable Software and Affected Versions: Xelion Webchat versions n/a through 9.1.0 Description: The issue is related to an Incorrect Privilege Assignment, which allows Privilege Escalation in Xelion Webchat. Recommendations: For versions n/a through 9.1.0, update to a version that...