Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 8:0 a.m.8 views

CVE-2019-12498

The WP Live Chat Support plugin before 8.0.33 for WordPress accepts certain REST API calls without invoking the wplcapipermissioncheck protection mechanism...

9.8CVSS7.1AI score0.01995EPSS
Exploits0References1
CVE
CVE
added 2020/03/20 6:37 p.m.154 views

CVE-2019-12498

The CVE-2019-12498 entry affects the WordPress WP Live Chat Support plugin, where versions prior to 8.0.33 allow unauthenticated REST API access because the wplc_api_permission_check protection is not invoked. Public sources (NVD, Red Hat, CVE lists) describe this as an API-authentication bypass ...

9.8CVSS9.5AI score0.01995EPSS
Exploits0References3Affected Software1
The Hacker News
The Hacker News
added 2019/06/11 10:21 a.m.3 views

New Flaw in WordPress Live Chat Plugin Lets Hackers Steal and Hijack Sessions

Security researchers have been warning about a critical vulnerability they discovered in one of a popular WordPress Live Chat plugin, which, if exploited, could allow unauthorized remote attackers to steal chat logs or manipulate chat sessions. The vulnerability, identified as CVE-2019-12498,...

9.8CVSS7.2AI score0.01995EPSS
Exploits0
The Hacker News
The Hacker News
added 2019/06/11 10:21 a.m.90 views

New Flaw in WordPress Live Chat Plugin Lets Hackers Steal and Hijack Sessions

Security researchers have been warning about a critical vulnerability they discovered in one of a popular WordPress Live Chat plugin, which, if exploited, could allow unauthorized remote attackers to steal chat logs or manipulate chat sessions. The vulnerability, identified as CVE-2019-12498,...

9.8CVSS0.7AI score0.01995EPSS
Exploits0
Rows per page
Query Builder