39 matches found
WordPress plugin AtomChat 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress AtomChat plugin <= 1.1.7 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin AtomChat versions = 1.1.7...
CVE-2025-31532
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Team AtomChat AtomChat atomchat allows Stored XSS.This issue affects AtomChat: from n/a through = 1.1.8...
CVE-2025-31532 WordPress AtomChat plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Team AtomChat AtomChat allows Stored XSS. This issue affects AtomChat: from n/a through 1.1.6...
CVE-2025-31532
CVE-2025-31532 exposes AtomChat Group Chat & Video Chat (AtomChat) via Stored XSS in versions up to 1.1.6 due to improper neutralization of input during web page generation; no patch/mitigation details are provided in the supplied docs.
CVE-2025-31532 WordPress AtomChat plugin <= 1.1.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Team AtomChat AtomChat atomchat allows Stored XSS.This issue affects AtomChat: from n/a through = 1.1.8...
WordPress plugin AtomChat 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...
CVE-2023-46606
Missing Authorization vulnerability in Team AtomChat AtomChat atomchat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AtomChat: from n/a through = 1.1.4...
CVE-2023-46606 WordPress AtomChat plugin <= 1.1.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in Team AtomChat AtomChat atomchat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AtomChat: from n/a through = 1.1.4...
CVE-2023-46606 WordPress AtomChat plugin <= 1.1.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in Team AtomChat AtomChat atomchat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AtomChat: from n/a through = 1.1.4...
WordPress plugin AtomChat 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
CVE-2024-10232
The Group Chat & Video Chat by AtomChat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's atomchat shortcode in all versions up to, and including, 1.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...
CVE-2024-10232
CVE-2024-10232 : The WordPress plugin Group Chat & Video Chat by AtomChat is vulnerable to Stored Cross-Site Scripting via the atomchat shortcode in all versions up to and including 1.1.5. The issue stems from insufficient input sanitization and output escaping on user-supplied attributes, allowi...
CVE-2024-10232 AtomChat <= 1.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via atomchat Shortcode
The Group Chat & Video Chat by AtomChat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's atomchat shortcode in all versions up to, and including, 1.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...
PT-2024-16129 · WordPress · Group Chat & Video Chat By Atomchat
Name of the Vulnerable Software and Affected Versions: Group Chat & Video Chat by AtomChat plugin for WordPress versions up to, and including, 1.1.5 Description: The vulnerability is a Stored Cross-Site Scripting issue due to insufficient input sanitization and output escaping on user-supplied...
WordPress AtomChat plugin <= 1.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin AtomChat versions = 1.1.5...
WordPress AtomChat Plugin <= 1.1.5 is vulnerable to Cross Site Scripting (XSS)
Software AtomChat Type Plugin Vulnerable versions = 1.1.5 Fixed in 1.1.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10232 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 646d1a105951 Credits Peter Thaleikis Required...
AtomChat <= 1.1.4 - Missing Authorization via credits REST API Endpoint
Description The AtomChat plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'credits' REST API function in versions up to, and including, 1.1.4. This makes it possible for unauthenticated attackers to manipulate user credits when the...
WordPress AtomChat Plugin <= 1.1.4 is vulnerable to Broken Access Control
Software AtomChat Type Plugin Vulnerable versions = 1.1.4 Fixed in 1.1.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-46606 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID ec5d5334fbec Credits Mika Required privilege...