13 matches found
EUVD-2025-12134
Malicious code in bioql PyPI...
CVE-2025-3058
The Xelion Webchat plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the xwcsavesettings function in all versions up to, and including, 9.1.0. This makes it possible for authenticated attackers, with...
CVE-2025-3058
The Xelion Webchat plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the xwcsavesettings function in all versions up to, and including, 9.1.0. This makes it possible for authenticated attackers, with...
CVE-2025-3058
CVE-2025-3058 (Xelion Webchat, WordPress) affects the Xelion Webchat plugin for WordPress, up to and including version 9.1.0. The flaw is a missing capability check in the xwc_save_settings() function, enabling an authenticated attacker with Subscriber+ privileges to update arbitrary options. Doc...
CVE-2025-3058 Xelion Webchat <= 9.1.0 - Authenticated (Subscriber+) Arbitrary Options Update
The Xelion Webchat plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the xwcsavesettings function in all versions up to, and including, 9.1.0. This makes it possible for authenticated attackers, with...
CVE-2025-3058 Xelion Webchat <= 9.1.0 - Authenticated (Subscriber+) Arbitrary Options Update
The Xelion Webchat plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the xwcsavesettings function in all versions up to, and including, 9.1.0. This makes it possible for authenticated attackers, with...
PT-2025-17711 · WordPress · Xelion Webchat
Name of the Vulnerable Software and Affected Versions: Xelion Webchat plugin for WordPress versions up to and including 9.1.0 Description: The Xelion Webchat plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability...
WordPress plugin Xelion Webchat 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
CVE-2025-39542 WordPress Xelion Webchat plugin <= 9.1.0 - Privilege Escalation Vulnerability
Incorrect Privilege Assignment vulnerability in Jauhari Xelion Xelion Webchat xelion-webchat allows Privilege Escalation.This issue affects Xelion Webchat: from n/a through = 9.1.0...
CVE-2025-39542 WordPress Xelion Webchat plugin <= 9.1.0 - Privilege Escalation Vulnerability
Incorrect Privilege Assignment vulnerability in Jauhari Xelion Xelion Webchat xelion-webchat allows Privilege Escalation.This issue affects Xelion Webchat: from n/a through = 9.1.0...
WordPress plugin Xelion Webchat 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
PT-2025-17177 · Unknown · Xelion Webchat
Name of the Vulnerable Software and Affected Versions: Xelion Webchat versions n/a through 9.1.0 Description: The issue is related to an Incorrect Privilege Assignment, which allows Privilege Escalation in Xelion Webchat. Recommendations: For versions n/a through 9.1.0, update to a version that...
WordPress Xelion Webchat plugin <= 9.1.0 - Privilege Escalation Vulnerability
Privilege Escalation Vulnerability discovered by LVT-tholv2k in WordPress Plugin Xelion Webchat versions = 9.1.0...