CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

Patchstack•added 2026/04/21 9:34 a.m.•1 views

WordPress collectchat plugin <= 2.4.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Ritsuy in WordPress Plugin collectchat versions = 2.4.9...

5.8AI score

Exploits0Affected Software1

Patchstack•added 2024/08/05 7:14 a.m.•2 views

WordPress CollectChat plugin < 2.4.4 - Admin+ XSS vulnerability

Admin+ XSS vulnerability discovered by Fourcade in WordPress Plugin collectchat versions 2.4.4...

4.8CVSS6.4AI score0.00223EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2024/08/05 6:0 a.m.•12 views

CVE-2024-6498 CollectChat < 2.4.4 - Admin+ XSS

The Chatbot for WordPress by Collect.chat ⚡️ WordPress plugin before 2.4.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

6.1AI score0.00223EPSS

Exploits1References1

Cvelist•added 2024/08/05 6:0 a.m.•13 views

CVE-2024-6498 CollectChat < 2.4.4 - Admin+ XSS

0.00223EPSS

Exploits1References1

Patchstack•added 2024/08/05 12:0 a.m.•7 views

WordPress collectchat Plugin < 2.4.4 is vulnerable to Cross Site Scripting (XSS)

Software collectchat Type Plugin Vulnerable versions 2.4.4 Fixed in 2.4.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6498 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 0dd324fc130c Credits Fourcade Required privilege...

4.8CVSS5.8AI score0.00223EPSS

Exploits1References4Affected Software1

NVD•added 2024/03/29 6:15 p.m.•6 views

CVE-2024-30436

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Collect.Chat Inc. Collectchat allows Stored XSS.This issue affects Collectchat: from n/a through 2.4.1...

6.5CVSS6.4AI score0.00084EPSS

Exploits0References1

Cvelist•added 2024/03/29 5:25 p.m.•12 views

CVE-2024-30436 WordPress Collect.chat plugin <= 2.4.1 - Cross Site Scripting (XSS) vulnerability

6.5CVSS6.6AI score0.00084EPSS

Exploits0References1

Positive Technologies•added 2024/03/29 12:0 a.m.•1 views

PT-2024-23364 · Unknown · Collectchat

Name of the Vulnerable Software and Affected Versions: Collectchat versions through 2.4.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS, where an attacker can inject malicious script...

6.5CVSS9.5AI score0.00084EPSS

Exploits0References5

Patchstack•added 2024/03/28 12:0 a.m.•5 views

WordPress collectchat Plugin <= 2.4.1 is vulnerable to Cross Site Scripting (XSS)

Software collectchat Type Plugin Vulnerable versions = 2.4.1 Fixed in 2.4.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-30436 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4cbc97ddc44d Credits LVT-tholv2k Required privilege Contributor...

6.5CVSS6.6AI score0.00084EPSS

Exploits0References2Affected Software1

Patchstack•added 2023/11/27 12:0 a.m.•10 views

WordPress collectchat Plugin <= 2.3.9 is vulnerable to Cross Site Scripting (XSS)

Software collectchat Type Plugin Vulnerable versions = 2.3.9 Fixed in 2.4.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5691 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 37082863c9af Credits Huynh Tien Si Required...

4.8CVSS6AI score0.00181EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by