CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Patchstack•added 2025/04/16 5:46 p.m.•3 views

WordPress Xelion Webchat plugin <= 9.1.0 - Privilege Escalation Vulnerability

Privilege Escalation Vulnerability discovered by LVT-tholv2k in WordPress Plugin Xelion Webchat versions = 9.1.0...

8.8CVSS8.1AI score0.00329EPSS

Exploits0Affected Software1

RedhatCVE•added 2025/03/15 8:11 a.m.•7 views

CVE-2024-22880

Cross Site Scripting vulnerability in Zadarma Zadarma extension v.1.0.11 allows a remote attacker to execute a arbitrary code via a crafted script to the webchat component...

4.7CVSS7AI score0.00262EPSS

OSV•added 2025/03/13 2:15 p.m.•0 views

CVE-2024-22880

Cross Site Scripting vulnerability in Zadarma Zadarma extension v.1.0.11 allows a remote attacker to execute a arbitrary code via a crafted script to the webchat component...

4.7CVSS6.1AI score0.00262EPSS

CVE•added 2025/03/13 12:0 a.m.•47 views

CVE-2024-22880

CVE-2024-22880 describes a Cross Site Scripting vulnerability in the Zadarma extension version 1.0.11, where a remote attacker can cause the webchat component to execute arbitrary code through a crafted script. The CVSS 3.1 base score is 4.7 (Medium), with network attack vector, high attack compl...

4.7CVSS6.8AI score0.00262EPSS

Exploits1References1Affected Software1

Cvelist•added 2025/03/13 12:0 a.m.•9 views

CVE-2024-22880

Cross Site Scripting vulnerability in Zadarma Zadarma extension v.1.0.11 allows a remote attacker to execute a arbitrary code via a crafted script to the webchat component...

0.00262EPSS

Vulnrichment•added 2025/03/13 12:0 a.m.•6 views

CVE-2024-22880

Cross Site Scripting vulnerability in Zadarma Zadarma extension v.1.0.11 allows a remote attacker to execute a arbitrary code via a crafted script to the webchat component...

6.8AI score0.00262EPSS

OSSF Malicious Packages•added 2024/11/27 3:33 a.m.•4 views

Malicious code in seller-webchat-service (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 24b68c2b24c603c8d9041a3cd7aeefed0ea836500df679a24bc061241fec376a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2024/11/27 3:33 a.m.•2 views

MAL-2024-11088 Malicious code in seller-webchat-service (npm)

OSSF Malicious Packages•added 2024/11/27 12:55 a.m.•2 views

Malicious code in seller-webchat-build-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4b3dfd5d6ff1c62c4de5dec773047aa8b80fe5ccaa84cc4e2ab8d35b7eedebe2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2024/11/27 12:55 a.m.•2 views

MAL-2024-11087 Malicious code in seller-webchat-build-sdk (npm)

OSSF Malicious Packages•added 2024/11/27 12:14 a.m.•3 views

Malicious code in seller-webchat-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7ea4f9c784e3e3c7d5f98a2c973d3f87e15ae439cdd4fe1b46362551a22772cd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2024/11/27 12:14 a.m.•6 views

MAL-2024-11004 Malicious code in seller-webchat-ui (npm)

OSSF Malicious Packages•added 2024/11/17 12:44 a.m.•3 views

Malicious code in seller-webchat-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 024c0618a42ed68bfdd63a4e68af72dfe7cdcb55d521bc3b167770c757388465 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2024/11/16 4:47 p.m.•2 views

Malicious code in seller-webchat-modules (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware efe3ed359ac7762158b5f9007e341ccb501278d1259683e98786cdde66e56a2c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2024/11/16 4:13 p.m.•3 views

Malicious code in seller-webchat-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5c08c36430d0f111cf5379d4566cc13f5b904dbfcb91a51e28ae64199874c5da Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2024/11/16 4:13 p.m.•3 views

MAL-2024-10810 Malicious code in seller-webchat-common (npm)

OSSF Malicious Packages•added 2024/10/07 5:38 p.m.•5 views

Malicious code in botframework-webchat-cldr-data-downloader (npm)

The package contains code to exfiltrate local machine information to a remote server over DNS. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 069cec738fcd016cead066052e66581ac130f721c6454d3079b1d054381031e8 Any computer that has this package installed or running...

OSV•added 2024/10/07 5:38 p.m.•4 views

MAL-2024-9217 Malicious code in botframework-webchat-cldr-data-downloader (npm)

OSSF Malicious Packages•added 2022/09/21 4:23 a.m.•3 views

Malicious code in hawaii-webchat (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 39e497f5fb91bf8ac9ccd93a1fe5ae711c55468a84503de1c8152803c3039e70 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...