CVE-2018-11105
CVE-2018-11105 describes a stored cross-site scripting (XSS) vulnerability in the WordPress WP Live Chat Support plugin for versions prior to 8.0.08. The flaw allows injection via the name (wplc_name) and email (wplc_email) fields to the API endpoint /wp-json/wp_live_chat_support/v1/start_chat wh...