9 matches found
WordPress Chatwee plugin cross-site request forgery vulnerability
WordPress Chatwee plugin is a plugin for adding live chat functionality to your WordPress website with multi-language and internationalization support. The WordPress Chatwee plugin suffers from a cross-site request forgery vulnerability that stems from the WEB application not adequately verifying...
EUVD-2025-31684
Malicious code in bioql PyPI...
CVE-2025-9948
The Chat by Chatwee plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.3. This is due to missing or incorrect nonce validation on the admin settings page. This makes it possible for unauthenticated attackers to modify plugin settings via a...
CVE-2025-9948
The Chat by Chatwee plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.3. This is due to missing or incorrect nonce validation on the admin settings page. This makes it possible for unauthenticated attackers to modify plugin settings via a...
CVE-2025-9948
The CVE-2025-9948 entry corresponds to the WordPress plugin Chat by Chatwee, vulnerable to Cross-Site Forgery (CSRF) on the admin settings page in all versions up to 2.1.3. The root cause is missing or incorrect nonce validation, allowing unauthenticated attackers to modify plugin settings by tri...
CVE-2025-9948 Chat by Chatwee <= 2.1.3 - Cross-Site Request Forgery to Settings Update
The Chat by Chatwee plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.3. This is due to missing or incorrect nonce validation on the admin settings page. This makes it possible for unauthenticated attackers to modify plugin settings via a...
PT-2025-39950
Name of the Vulnerable Software and Affected Versions Chat by Chatwee plugin for WordPress versions through 2.1.3 Description The Chat by Chatwee plugin for WordPress is susceptible to Cross-Site Request Forgery CSRF. This is a result of inadequate or missing nonce validation on the admin setting...
WordPress Chat by Chatwee plugin <= 2.1.3 - Cross-Site Request Forgery to Settings Update vulnerability
Cross-Site Request Forgery to Settings Update vulnerability discovered by Nabil Irawan in WordPress Plugin Chat by Chatwee versions = 2.1.3...
WordPress Chat by Chatwee plugin <= 2.1.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Mika in WordPress Plugin Chat by Chatwee versions = 2.1.3...