2 matches found
CVE-2023-5691
CVE-2023-5691 : The Chatbot for WordPress plugin (collectchat) is affected up to version 2.3.9 and contains stored XSS in admin settings due to insufficient input sanitization and output escaping. Exploitation requires an authenticated user with Administrator privileges, and the vulnerability app...
WordPress collectchat Plugin <= 2.3.9 is vulnerable to Cross Site Scripting (XSS)
Software collectchat Type Plugin Vulnerable versions = 2.3.9 Fixed in 2.4.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5691 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 37082863c9af Credits Huynh Tien Si Required...