2 matches found
WP Live Chat Support <= 8.0.27 — Stored Cross-Site Scripting
wp-live-chat-support plugin before 8.0.27 for WordPress contains a reflected cross-site scripting caused by insufficient sanitization in the GDPR page, letting attackers execute arbitrary scripts in the context of the victim's browser, exploit requires victim to visit a malicious page. id:...
CVE-2019-14950
The wp-live-chat-support plugin for WordPress is affected by an XSS flaw in the GDPR page for versions prior to 8.0.27. The issue arises from insufficient sanitization, enabling execution of arbitrary scripts in the victim’s browser (per 2019 CVE entry and corroborated by the 2025–2026 connected ...