5 matches found
WordPress Wise Chat Plugin < 2.7 Mashandling of External Links Vulnerability
The WordPress plugin Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the...
Wordpress Wisechat 2.6.3 Plugin - Reverse Tabnabbing Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Wisechat if window.opener window.opener.parent.location.replace'http://mtk911.cf/'; if window.parent != window window.parent.location.replace'http://mtk911.cf/'; Open Redirect TEST when you click on that user...
WordPress Wisechat 2.6.3 Forced Redirect / Phishing
Exploit Title: Wordpress Plugin Wisechat if window.opener window.opener.parent.location.replace'http://mtk911.cf/'; if window.parent != window window.parent.location.replace'http://mtk911.cf/'; Open Redirect TEST when you click on that user. This opens in a new tab, and the parent tab is silently...
WordPress Plugin Wisechat 2.6.3 - Reverse Tabnabbing
Exploit Title: Wordpress Plugin Wisechat if window.opener window.opener.parent.location.replace'http://mtk911.cf/'; if window.parent != window window.parent.location.replace'http://mtk911.cf/'; Open Redirect TEST when you click on that user. This opens in a new tab, and the parent tab is silently...
CVE-2019-6780
The CVE-2019-6780 entry concerns the WordPress Wise Chat plugin prior to 2.7. The root cause is in WiseChatLinksPostFilter.php, where external links are mishandled due to omission of noopener and noreferrer attributes when rendering links. Public references in connected documents corroborate this...