Lucene search
K

39 matches found

CNNVD
CNNVD
added 2025/04/01 12:0 a.m.3 views

WordPress plugin AtomChat 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

4.3CVSS6AI score0.00372EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/03/31 1:55 p.m.3 views

WordPress AtomChat plugin <= 1.1.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin AtomChat versions = 1.1.7...

6.5CVSS6.1AI score0.00237EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/03/31 1:15 p.m.17 views

CVE-2025-31532

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Team AtomChat AtomChat atomchat allows Stored XSS.This issue affects AtomChat: from n/a through = 1.1.8...

6.5CVSS0.00237EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/31 12:55 p.m.8 views

CVE-2025-31532 WordPress AtomChat plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Team AtomChat AtomChat allows Stored XSS. This issue affects AtomChat: from n/a through 1.1.6...

6.5CVSS6.7AI score0.00237EPSS
Exploits0References1
CVE
CVE
added 2025/03/31 12:55 p.m.48 views

CVE-2025-31532

CVE-2025-31532 exposes AtomChat Group Chat & Video Chat (AtomChat) via Stored XSS in versions up to 1.1.6 due to improper neutralization of input during web page generation; no patch/mitigation details are provided in the supplied docs.

6.5CVSS7.2AI score0.00237EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/31 12:55 p.m.24 views

CVE-2025-31532 WordPress AtomChat plugin <= 1.1.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Team AtomChat AtomChat atomchat allows Stored XSS.This issue affects AtomChat: from n/a through = 1.1.8...

6.5CVSS0.00237EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/31 12:0 a.m.4 views

WordPress plugin AtomChat 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

6.5CVSS7.6AI score0.00237EPSS
Exploits0References2
NVD
NVD
added 2025/01/02 12:15 p.m.17 views

CVE-2023-46606

Missing Authorization vulnerability in Team AtomChat AtomChat atomchat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AtomChat: from n/a through = 1.1.4...

5.3CVSS0.00378EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/02 12:0 p.m.8 views

CVE-2023-46606 WordPress AtomChat plugin <= 1.1.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Team AtomChat AtomChat atomchat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AtomChat: from n/a through = 1.1.4...

5.3CVSS7.3AI score0.00378EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/02 12:0 p.m.26 views

CVE-2023-46606 WordPress AtomChat plugin <= 1.1.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Team AtomChat AtomChat atomchat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AtomChat: from n/a through = 1.1.4...

5.3CVSS0.00378EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/02 12:0 a.m.6 views

WordPress plugin AtomChat 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

5.3CVSS8.7AI score0.00378EPSS
Exploits0References1
NVD
NVD
added 2024/11/01 10:15 a.m.12 views

CVE-2024-10232

The Group Chat & Video Chat by AtomChat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's atomchat shortcode in all versions up to, and including, 1.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

6.4CVSS0.00318EPSS
Exploits0References3
CVE
CVE
added 2024/11/01 9:29 a.m.43 views

CVE-2024-10232

CVE-2024-10232 : The WordPress plugin Group Chat & Video Chat by AtomChat is vulnerable to Stored Cross-Site Scripting via the atomchat shortcode in all versions up to and including 1.1.5. The issue stems from insufficient input sanitization and output escaping on user-supplied attributes, allowi...

6.4CVSS5.7AI score0.00318EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/11/01 9:29 a.m.9 views

CVE-2024-10232 AtomChat <= 1.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via atomchat Shortcode

The Group Chat & Video Chat by AtomChat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's atomchat shortcode in all versions up to, and including, 1.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

6.4CVSS5.8AI score0.00318EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/11/01 12:0 a.m.3 views

PT-2024-16129 · WordPress · Group Chat & Video Chat By Atomchat

Name of the Vulnerable Software and Affected Versions: Group Chat & Video Chat by AtomChat plugin for WordPress versions up to, and including, 1.1.5 Description: The vulnerability is a Stored Cross-Site Scripting issue due to insufficient input sanitization and output escaping on user-supplied...

6.4CVSS6.2AI score0.00318EPSS
Exploits0References10
Patchstack
Patchstack
added 2024/10/31 9:7 p.m.4 views

WordPress AtomChat plugin <= 1.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin AtomChat versions = 1.1.5...

6.4CVSS5.7AI score0.00318EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/31 12:0 a.m.8 views

WordPress AtomChat Plugin <= 1.1.5 is vulnerable to Cross Site Scripting (XSS)

Software AtomChat Type Plugin Vulnerable versions = 1.1.5 Fixed in 1.1.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10232 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 646d1a105951 Credits Peter Thaleikis Required...

6.4CVSS5.8AI score0.00318EPSS
Exploits0References3Affected Software1
WPVulnDB
WPVulnDB
added 2023/11/23 12:0 a.m.22 views

AtomChat <= 1.1.4 - Missing Authorization via credits REST API Endpoint

Description The AtomChat plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'credits' REST API function in versions up to, and including, 1.1.4. This makes it possible for unauthenticated attackers to manipulate user credits when the...

6.9AI score0.00378EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/10/24 12:0 a.m.10 views

WordPress AtomChat Plugin <= 1.1.4 is vulnerable to Broken Access Control

Software AtomChat Type Plugin Vulnerable versions = 1.1.4 Fixed in 1.1.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-46606 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID ec5d5334fbec Credits Mika Required privilege...

6.6AI score0.00378EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder